EffortlessHR

Header Right

Contact Us: +1.520.546.3947 or Email
Sign Up Free Log In

Main navigation

  • Home
  • Pricing
  • Customers
  • Try It FREE
  • Partners
  • Solutions
    • White Label HR Software
    • Security Info
    • Employee Handbook Builder
    • Templates & Forms
    • Job Descriptions
  • Blog

Easy to use, comprehensive Online HR Software

Try it Free

All-in-one web-based employee management

A complete HR management system in the cloud. Employee portal, PTO, time clock, applicant tracking, benefits, file storage, and more.
Home>Emergency Planning>BYOD Security: 5 Threats Employers Need to Know About

BYOD Security: 5 Threats Employers Need to Know About

Posted on January 27, 2017 by Aaron

As Generation Y has entered the workforce and the demand for flexible working has increased, there has been a sizable shift from employees using company-owned devices to bring-your-own-device (BYOD). BYOD has its benefits, particularly for employees, but it also presents new cyber security challenges.

Anytime personal devices are interfacing with corporate data, you run the risk of data loss and breaches. If your company is thinking about putting a BYOD system in place, here are five security risks you need to know about:

 

Unprotected Devices

If your employees use mobile phones, tablets, or laptops that don’t have the appropriate protection, then they are vulnerable to cyber attacks. Even something as simple as ignoring a software update can leave your corporate data at risk.

With smartphones, for example, the software update process varies quite a bit depending on the device. While Apple pushes software updates out to all iPhone users, Android devices only get updates when the carrier or manufacturer releases them, which can leave them vulnerable.

Your company’s IT department and its employees need to work together to keep personal devices secure. Make employees aware of how important it is that they update their devices, and have your IT department help employees set up anti-virus protection and firewalls.

 

Negligent Employees

One of the most significant issues with BYOD is employee negligence. All it takes is one employee falling for a phishing scam or visiting the wrong website to expose your company’s information.

Education is key in minimizing such threats. Before allowing your employees to use their own devices to access company data, make sure they receive cyber security training.

Training should include information on the most common cyber attacks, including websites that install malware and phishing emails that look just like official business communications. Awareness of these threats makes them much easier to spot.

Keyboard logging is another serious problem with personal devices. Hackers can use it to steal employee’s sensitive information and even commit identity theft, so make sure your employees know how to prevent that from happening. Temporary passwords are an excellent safeguard against keyboard logging, as users only use these passwords once.

 

Insecure Public Wi-Fi

Connecting to public Wi-Fi networks puts any information your employees transmit at risk of man-in-the-middle attacks and other threats. While some businesses have secure access points to keep guest information safe, hotels, coffee shops, and residences often only have insecure public Wi-Fi available. Since many devices automatically connect to available networks, your employees may not even realize when they have connected to an insecure public network.

You can, of course, instruct your employees not to access any sensitive company data while on a public network, but it’s good to have a backup plan. One way to protect your company’s information is to choose a virtual private network (VPN). This VPN creates a private tunnel from your IT network to the user, encrypting data so outsiders are unable to read it.

 

Malicious Apps

The good news is that the most popular app stores (Apple’s App Store and Google Play for Android devices) do well at filtering out malicious apps. The bad news is that the occasional dodgy app slips through the cracks, and even legitimate apps can accidentally leak data. With the growing number of app downloads, it’s possible that an employee could unknowingly install one that poses a security risk.

An excellent solution is a mobile device management product designed to monitor apps, such as Marble Security Service. Not only can these apps pinpoint threats, but they can also keep your IT team updated on the apps employees have installed on BYOD hardware. Of course, it also helps if you can get your employees to be careful with the apps they install.

 

Lost or Stolen Devices

There’s more to protecting your company’s information than training your employees in proper cyber security practices. The majority of security breaches aren’t a result of viruses, malware, or any other type of hacking – they’re caused by a lost or stolen mobile device. If your employees are using personal devices for company business, set up a response plan in case a device goes missing.

One simple security measure that every employee can and should implement is a basic security code, such as a PIN or a password. This isn’t foolproof, but it slows down anyone trying to access the phone’s data.

Make sure there is a way to remotely wipe data from the device. Certain businesses program a selective wipe into devices that removes corporate data, including emails and contacts, from them. This ensures that your IT team can get rid of sensitive information right away, without needing to run it by the user first.

Many smartphones have features that allow the user to remotely lock the phone, wipe its data completely, or pinpoint its location. You may want to require your employees to set these features up so they can protect your information if a phone is lost after hours.

 

Final Thoughts

Cybersecurity risks don’t mean that a BYOD policy is a bad idea. There’s always the threat of cyber attacks in this day and age, and a BYOD policy has several benefits, including the flexibility it offers employees and the money you save from not issuing company devices. By being aware of the unique risks posed by a BYOD policy, you can take steps to minimize them.

 

 

About the Author

Lisa Michaels is a freelance writer, editor and a striving content marketing consultant from Portland. Being self-employed, she does her best to stay on top of the current trends in the business world. Feel free to connect with her on Twitter @LisaBMichaels.

 

 

Related Posts

  • Business Security: Why Network Security Should Be Your Top Priority
  • How to Analyze What Type of Security Measures Your Business Needs
  • Business Confidential: 4 Security Practices Your Company Needs to Implement
  • How Your Business Might Be Putting Its Cyber Security at Risk
  • How To Protect Employees With The Proper Security

Reader Interactions

Comments

  1. Elias Nystuen says

    February 4, 2017 at 8:11 pm

    This is a big help for all employers and owners.Knowing the basic protocol is a must.

  2. Manal Shaikh says

    July 26, 2019 at 9:46 am

    Agreed. Employees must be given training and should be ordered to participate in cybersecurity awareness programs. This can reduce risks at some extent of getting wrong hands into the system.

  3. Adeel Khan says

    August 2, 2020 at 9:27 am

    Absolutely agreed. All employees must given some form of training. All business owners needs to recognize the importance in this digital age. Great read. Thanks for sharing.

Primary Sidebar

Subscribe

Enjoy our blog? Enter your email address to be the first to receive updates as we post:

Categories

  • Blogging
  • Business Planning
  • Compensation
  • Customer Service
  • Emergency Planning
  • Employee Hiring
  • Employee Issues
  • Employee Policies
  • HR
  • Jobs
  • Labor Laws
  • Lead Articles
  • Legal Issues
  • Management
  • Marketing
  • Press
  • Remote working
  • Scheduling
  • Technology
  • Training & Development
  • Uncategorized
  • Webinars

Friends

  • Bompus

Footer

Pages

  • Home
  • Pricing
  • Customers
  • Try It FREE
  • Partners
  • Solutions
    • White Label HR Software
    • Security Info
    • Employee Handbook Builder
    • Templates & Forms
    • Job Descriptions
  • Blog

News & Updates

5 Reasons HR is So Important for Business Success

December 19, 2022

How Human Resource Professionals Can Use Technology to Improve Workplace Safety

December 12, 2022

Best Practices To Improve Employee Engagement At the Workplace

December 5, 2022

Contact Us

  • Email: Contact Us
  • Call: +1.520.546.3947

Stay Connected

  • LinkedIn
  • Twitter
  • Facebook
  • YouTube

© 2023 EffortlessHR. All Rights Reserved.            Privacy Policy