Byod presents a unique list of security concerns for businesses implementing byod policies. Attackers are quick to exploit design flaws or architectural weaknesses. The national institute of standar ds and technology lists these high level threats and vulnerabilities of mobile devices. Apr 03, 2018 how to write a good security policy for byod or companyowned mobile devices. Guide to enterprise telework, remote access, and bring your own device byod security.
Each telework device is controlled by the organization, a third party such as the organizations contractors, business partners, and vendors, or the teleworker. This ebook identifies areas of concern and outlines the steps you can take to protect company. To understand device security, its critical to have some measure of control and management over devices, which is a particular challenge in the modern bring your own device. Your own device byod initiatives whereby employees use their own mobile devices to perform work tasks the security risks have increased significantly and the need for effective mobile security technologies is greater than ever. Addressing the 5 biggest security risks ccb technology. Bringing down security risks with a byod encryption policy. Apr 05, 2017 to understand device security, its critical to have some measure of control and management over devices, which is a particular challenge in the modern bring your own device byod world. Like in other industries, use of mobile devices is prevalent in healthcare.
People can inadvertently download a malicious app, click on a malicious. Bring your own device byod is one of the most complicated headaches for it departments because it exposes the entire organization to huge security risks. The ico also highlights the byod risks associated with increased monitoring at work by the technical measures that the company could put in place in order to ensure the security of the company. Apr 06, 2018 byod provides opportunities for organizations to improve productivity, efficiency, and agility of a mobile workforce. Despite concerns about bring your own device byod security risks, employees over the past years have enjoyed the multiple benefits of byod. The 2016 byod and mobile security report focuses on these security challenges and offers fresh insights on the state of mobile threats and solutions. Byod, security controls, nac, mdm, mam, virtualization. Many tech providers offer byod security solutions that address security vulnerabilities while satisfying user privacy.
Zdnet says security is the most common reason for businesses for avoiding. Byod risks and rewards how to keep employee smartphones, laptops and tablets secure by gerhard eschelbeck, chief technology officer. Users guide to telework and bring your own device byod security. Xss where hacker code is injected into web pages and downloads onto the device when the page is loaded into the browser. For most companies, it makes sense to embrace the byod trend and capitalize on the benefits it offers, such as increased employee productivity and greater. While it is impossible to guarantee byod security, following these recommendations will help organizations to mitigate byod risks by securing devices. Dont mandate security solutions without engaging users first otherwise employers risk losing productivity from nearly 50% of employees acknowledge the employees byod concerns and personal privacy when setting mobile security policy by using a. How to write a good security policy for byod or companyowned mobile devices. The ultimate guide to byod bring your own device in 2020. Here are the ways your organization can address the five biggest byod. These tips should serve as a byod security best practices guide for end users and itsecurity teams alike. Effects of bring your own device byod on cyber security. An informed user is more likely to buy into byod security requirements. Best practices to make byod, cyod and cope simple and secure.
Without a coherent, comprehensive strategy for byod, cyod or cope, encompassing both policy and technology, an organization can face significant risks from security and compliance gaps to escalating it complexity. This paper focuses on two key byod security issues. Cisco identity services engine ise is the technology behind this capability. A user who does not understand their companys byod security policy is an instant vulnerability. But at the same time, byod faces a fair amount of criticism, with lax security at the forefront of concerns. Jan 02, 2019 solutions to byod physical security risks if you cant stop remote employees from using their own devices, the only option is to embrace the practice and control access to information. The it guide to handling byod security risks in the workplace.
Jun 21, 20 how byod brings security risks into corporate networks. What are the main drivers and benefits of byod for. Dont mandate security solutions without engaging users first otherwise employers risk losing productivity from nearly 50%. Byod provides opportunities for organizations to improve productivity, efficiency, and agility of a mobile workforce. This whitepaper explains the risks and rewards of byod, and shows you how you can adopt byod in your workplace while protecting your data. Top security risks of implementing a byod policy and how. Smartphones are the most common device used in byod settings, although laptops, tablets, and usb drives are also commonly brought into the workplace. Understanding the security risks of byod adoption in the workplace including liability, ramifications, security breaches, data storage and retrieval. Bring your own device byod an information security. Bring your own device byod policies are making a significant impact on the workplace. In addition, this paper introduces the byod policy and management practices at verizon wireless as an organizational case study for analysis and recommendations on how to mitigate security risks.
For it security teams, the new risks typically include security vulnerabilities. Malicious software malware also threatens device and data security. According to a recent survey by harris interactive and eset, more than 80% of employed adults use some kind of personally owned electronic device for. Your own device byod initiatives whereby employees use their own mobile devices to perform work tasks the security risks have increased significantly and the need for effective mobile security. Best practices to make byod, cyod and cope simple and. Todays enterprises struggle to balance byod risks and rewards. If you want to show potential clients around your premises, you want to be welcoming and allow them to connect to your network, but you also need to show that your company has tight. Employers create byod policies to meet employee demands and keep employees connected.
How to write a good security policy for byod or companyowned. Users guide to telework and bring your own device byod. They may also do it to save money by eliminating the need for company plans and devices. Reducing the risks of byod in the enterprise free pdf.
The number of external devices that can now connect to a company that implements a byod policy has allowed for a proliferation of security risks. Here are the ways your organization can address the five biggest byod security risks. Your security policy should address the common risks of byod. So too have employers, who are unlikely ever to stop staff from bringing their own devices to work or using them remotely for work purposes. Overcoming challenges, creating effective policies, and mitigating risks to maximize benefits. According to a 20 ernst and young study on byod, about 22% of all mobile devices produced will be lost or stolen during their lifetime and about 50% of all these lost or stolen devices will never be recovered. Ensure that the management team is aware of the risks, including insider threats, and has included byod in broader risk management. How to write a good security policy for byod or company. Analysis of security controls for byod bring your own device. With these new changes come new security risks, so how do we address them. Without a coherent, comprehensive strategy for byod, cyod or cope, encompassing both policy and.
Top security risks of implementing a byod policy and how to. Cisco mconcierge 201 9 smartphone security practices personal smartphone usage at work varies within socalled sensitive industries, or sectors that come with greater expectations of privacy and. Those industries for the purposes of this study included healthcare, legal and banking sectors. White paper best practices to make byod, cyod and cope simple and secure. In the past five years alone, weve seen a number of significant shifts in technology and workplace culture. These tips should serve as a byod security best practices guide for end users and it security teams alike. Many company security breaches result from lost or stolen devices. Foster a culture of awareness around byod security and privacy through periodic newsletters, emails, intranet posts, etc. Bring your own device byod and acceptable use policy security of information, and the tools that create, store and distribute that information are vital to the longterm health of our. How cisco it designed a secure byod architecture cisco.
As byod has become increasingly common and awareness of security. When it comes to dealing with byod and its attendant risks, the best defense may be a good offense. Sep 23, 2014 currently, were working on a fourth byod security capability. It needs to mandate the use of uptodate security software on all devices, ensure that all locallystored. Holding off from adopting a byod policy is an uphill battle. Find out the best way to keep smartphones and tablets safe from hackers and the dangers of public wifi and. The reality is that many people are already bringing their own devices to work, whether sanctioned or not. Indeed, organizations are exposed to risks such as the loss or theft of sensitive information, malware targeting mobile devices including the increasingly popular android operating system as well as the ease with which attackers can access confidential business information. Pdf formats, word documents, and video in particular pose risks. To give you more of an idea, here are the top security risks of implementing a byod policy. We will control access based on device identity, connection type, and network access privilege. An analysis of the key risks and how existing control mechanisms. Jul 29, 2016 each telework device is controlled by the organization, a third party such as the organizations contractors, business partners, and vendors, or the teleworker. Bring your own device byod is a rapidly growing trend in businesses concerned with information technology.
Bring your own device byod is a current industry trend that allows employees to use their personal devices such as laptops, tablets, mobile phones and other devices, to connect to the internal network. However, security issues are slowing the adoption of byod. Jun 01, 2018 bring your own device byod is one of the most complicated headaches for it departments because it exposes the entire organization to huge security risks. According to a 20 ernst and young study on byod, about 22% of all mobile devices produced will be.
Again, you can block xss on your own network, but not on the devices of your employees. An analysis of the key risks and how existing control mechanisms address them is also conducted. Ensure that the management team is aware of the risks, including insider threats. Getting that sales contact information backed up off the mobile device and onto the company crm system is a priority.
Theres no silver bullet for byod security, but in this article, enterprise information security pros share their strategies for. How byod brings security risks into corporate networks. However, byod has also heightened security risks for organizations. The challenge remains to identify security risks associated. Indeed, organizations are exposed to risks such as the loss or theft of sensitive information, malware targeting mobile devices including the. To effectively manage byod, security managers need to define new strategies to manage the resulting risks. Sep 14, 2016 byod bring your own device is the policy where employeeowned devices are used in a business.
Byod, offers productivity benefits that are hard to ignore. Ten tips for securing devices and reducing byod risks. Guide to enterprise telework, remote access, and bring. Find out the best way to keep smartphones and tablets safe from hackers and the dangers of public wifi and usb ports. Currently, were working on a fourth byod security capability. Cisco mconcierge international association of privacy.
386 736 868 653 215 51 1181 739 670 448 298 131 1594 284 1399 913 1556 612 1462 368 1399 1184 406 446 742 142 649 1151 636 379 143 408 1212