It seems easy enough, why buy a tablet for an employee when they already have one? And when your employee wants to put business email and other applications on their smart device they simply want to do their job better. So when an employee wants to use a personal device, what are the risks involved?
Loss of device – Losing a device is a huge network security risk. All devices come with security measures, but in the wrong, determined hands these can be bypassed and take as much data as they want.
Untrained employees – Even the best of intentions can open your company up to significant security risks. When employees are only left to their best judgment, they can potentially download a malicious application or hand it to a family member who can have access to business data with only a few clicks.
Termination – Employees don’t always leave under amicable circumstances. If you have to fire an employee that has company data or access to company files on their smartphones, how do you retrieve or delete their access?
Liability – Who should pay for the new device if it is lost or needs to be replaced? Is a personal device used for business the property of the employee or the business?
Bring your own device (BYOD) is a great way to reduce costs and give your employees flexibility and mobility. To limit the risks involved with employees using their own devices, implement a BYOD security and training policy. That policy should:
- Define how devices can be used – specify what applications are safe to use
- Set expectations – The employee should fully understand what they can and can’t do with their personal device if they choose to use it for business. Define who is liable for loss and what acceptable use should be. This should come with formal BYOD training.
- Have a process for when an employee leaves or gets a new device – Your security policies should have a process that ensures all business data is wiped from the device.
If your company is thinking about letting your employees use their mobile devices, or if you already do and don’t have a clear process and BYOD policy, you can mitigate the risks by calling Entre Technology. We can review your security framework so you can clearly see how BYOD will integrate, or we can help you fill in the gaps in your security that BYOD will create.