BYOD & Data Breaches: The Way Forward

It’s the 5-inch collaborating of aluminium and Gorilla’s Corning glass that sits, ready and waiting in their pocket. It’s the hard shell of leather around an even tougher matter silver exterior, which lights up with the faces of their loved ones with the click of a button. It’s their commuting companion, filled to the brim with books, photos and variations of Angry Birds spin-offs.

It’s a four letter and acronym, and it’s also the very thing that could throw a company into meltdown and see its most precious information released into the world like a wayward bulldozer, blasting through everything the company has worked hard to build. BYOD (Bring Your Own Device) is that phrase, and it can be incredibly dangerous.

How to Keep Sensitive Data Safe

But BYOD doesn’t have to be. Those smartphones and MacBooks and the great masses of iPads and tablets in all of their varying operating software types and sizes that employees bring with them to work, can become a protected asset and not a gaping data leak with the right policies in place.

One of these policies, is, quite concisely, a BYOD security policy. Bringing security measures to the forefront is key and putting them on the backburner is the direct opposite of ‘helpful’, a basic ‘do not take sensitive information home with you’ rule would be a start, but, of course, it’s not always that easy.

To really make use of the benefits that BYOD can provide, whilst also protecting against its disadvantages, company wide instructions on how to do this need to be put in place. It could start with copy-disabled files, to prevent that top secret spreadsheet of revenue expectations from ending up on a smartphone thanks to a few accidental mouse clicks and it could, at its most extreme, become total separation of the files in which different employee levels have access to (for example, keeping the sensitive data completely out of a junior employee’s ways even if having access to it would otherwise do no harm – in a non-BYOD era).

The Perfect BYOD Policy

What the BYOD policy must not be, however, is a blanket policy, in that iPads or smartphones are banned because what goes for one employee does not always go for another, especially as bringing their own devices entails each of them doing different, necessary tasks on their varying amount of portable gadgets. David Applebaum, senior vice president of marketing for Moka5 said this on BYOD policies in an interview with Tech Republic,

Our assessment is if you do the first thing and be very specific about how you want data handled and the expectations that you are setting consistently in terms of how IT will deal with personally owned devices. Then a written policy doesn’t necessarily have to be draconian if you look at it from the perspective of clarity.” He also has recommendations on how not to be too stifling when it comes to BYOD, advising that companies “don’t treat [any] two cases identically.

So while there is serious cause for concern when it comes to BYOD in the workplace, there does not need to a company wide scare with devices that could otherwise help encourage productivity and the chance that more will get done on account of work being able to take place in more than one place. The message here is not just to Bring Your Own Device, but to Build Your Own Defences too.

Leave a Reply