Home Thinking Aloud 3 BYOD Risks And Solutions For SMBs

3 BYOD Risks And Solutions For SMBs

1705
0

By Brian Sutter, Director of Marketing, Wasp Barcode Technologies

phone security

Today, many of us enjoy a seamless technology experience – moving from our smart homes, to our connected cars and into the workplace without missing a beat (or a swipe).

These capabilities have created a new trend in business: BYOD, shorthand for “bring your own device”. Smartphones are the most common example of a personal device that might pull double duty as an in-office resource, but many employees also take their own tablets, laptops and USB drives into the workplace.

Today, BYOD is usually an elective phenomenon, but that may soon change: 38 percent of companies expect to stop providing devices to workers by 2016, according to a global survey of CIOs by Gartner, and by 2017, one in two firms will no longer provide devices to their employees. With 38 percent of small businesses planning to expand their workforce in 2016, according to Wasp Barcode’s State of Small Business Report, the amount of employee-owned devices will only increase.

The boom of BYOD is a double-edged sword for business owners – especially SMBs. On the positive side, it opens the door for workforce mobility, supports 24-hour staff accessibility, and creates quality of life conveniences for employees. Some 19 percent of firms believe BYOD is a way of improving employee satisfaction. And a further 17 percent of companies feel BYOD could improve productivity in the workplace both now and in the future.

Although an attractive business model, BYOD can also introduce huge risks for employers. To help, we’ve compiled a list of the 3 biggest BYOD risks and (affordable) solutions for small businesses.

Risk #1: eDiscovery Access.

Today’s smartphone is basically a pocket computer, capable of accessing multiple data streams (including corporate networks) and storing vast amounts of information.

This is convenient, but it also presents unique legal and IT challenges – especially for resource-taxed small businesses who need to safeguard, retrieve and control company-owned data. This is where the challenge comes in: In eDiscovery terms, BYOD policies give you about as much control over employees’ mobile devices as you have over their fashion choices.

In exchange for the privilege of connecting a personal iPhone to the corporate network, most companies require the employee to agree to a mobile device security policy. This gives the company a degree of control if the mobile device is lost or if it becomes necessary to collect data from it. These measures are the first step toward setting a company up for mobile eDiscovery success.

If you’re creating your first eDiscovery-oriented BYOD policy, make sure you’re granted the ability to lock and disable the device remotely, wipe all data from the device remotely, track the device remotely and access data on the device remotely, including user-created email and files, application logs, phone records, GPS files, and more. This can (and often will) include personal data, so it’s important your employees fully understand the terms of BYOD use to protect all parties involved.

In the early days of BYOD, legal and IT departments encouraged the use of applications that passed data through corporate servers. Under this model, if data became subject to discovery, it would be available and under company control on its servers. This often eliminated the need to collect from the mobile device itself.

Today, unique data will reside on mobile devices because they make extensive use of apps and cloud services. And that means bring-your-own mobile devices will be involved in day-to-day discovery.

The good news is: specialists in eDiscovery can take some of this burden of responsibility away from small business owners. One example is DriveSavers – a leader in data recovery, has performed over 500,000 successful recoveries since they began in the 1980s, from phones, tablets and PCs of all types. They’ve worked with celebrities, government organizations, and private businesses and citizens to recover important data from losses such as fire, hard drive failure and water damage.

Recently DriveSavers even announced new capabilities in accessing data from anonymous prepaid cell phones, or “burner phones.” Tens of millions of these prepaid cell phones are currently in use, containing previously unattainable data. DriveSavers’ new solution creates new safeguards for BYOD businesses that might have employees using these devices on the job.

Risk #2: Security.

Cybertheft is a prominent threat to American businesses: According to one Dell study, security breaches cost U.S. organizations an estimated annual loss of $25.8 billion.

That’s why even small businesses must adopt a mobile device management (MDM) strategy that protects sensitive information from data theft. MDM plans allow companies to have greater control over the range of technologies being used by employees, and provide workers access to company information from one secure location that is separate from their personal applications. This means that employees can use their phones for personal and business functions without compromising the security of corporate data. Meanwhile, companies can assure that workers’ privacy is respected by keeping documents like text messages, photos and videos off-limits from IT workers.

Mobile application management software is also key. One of the most common ways for cybercriminals to gain access to company information involves installing malware on employee devices. Malware programs can be disguised as consumer apps available on third-party app stores, so it may be difficult for employees to recognize the harm in downloading such offerings. Fortunately, mobile application management software enables IT workers to control which applications can be installed on employees’ devices. After IT teams install MAM programs on workers’ smartphones, they can blacklist vulnerable apps from being installed.

Finally, employees can protect their phones with a data protection program like Fortegra’s ProtectCELL. ProtectCELL’s plan provides security beyond mobile phone insurance, so smartphone owners can ensure they are keeping both personal and corporate data safe – and offers the ability to locate and lock lost devices and erase sensitive information.

Risk #3: Loss, Theft and Resale.

More than 1 in 3 mobile devices are either stolen or lost by their original owner.

And employees that sell or recycle a BYOD device after upgrading pose another risk. In either event, when personal devices fall into the wrong hands, your company data could, too.

How do you protect your assets from this threat? First, enable remote wiping of the device’s data and require it as a condition of program participation. Not only does it safeguard devices lost, stolen or sold, it can provide protection against loss of data to disgruntled former employees. When a team member is terminated, you can erase any corporate information or apps from their phones.

 

Brian-Sutter-Black-BG-800px

Brain Sutter serves as Wasp Barcode Technologies’ director of marketing, where he sets the strategic direction and oversees the tactical execution of the company’s marketing programs.