Inside the Briefcase

Augmented Reality Analytics: Transforming Data Visualization

Augmented Reality Analytics: Transforming Data Visualization

Tweet Augmented reality is transforming how data is visualized...

ITBriefcase.net Membership!

ITBriefcase.net Membership!

Tweet Register as an ITBriefcase.net member to unlock exclusive...

Women in Tech Boston

Women in Tech Boston

Hear from an industry analyst and a Fortinet customer...

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

In this interview, JumpCloud’s Antoine Jebara, co-founder and GM...

Tips And Tricks On Getting The Most Out of VPN Services

Tips And Tricks On Getting The Most Out of VPN Services

In the wake of restrictions in access to certain...

BYOD Security Risks: Companies May Be Playing with Fire

June 26, 2014 No Comments

Featured article by Rachael Danks, Freelance Writer

The BOYD policy has already become a substantial factor in the corporate world, with there being enough documented evidence to establish the fact that it gives a significant boost to employee’s productivity. As more and more companies are warming up to the idea of allowing personal mobile devices in the workplace, the security implications of adopting such a policy are becoming increasingly hard to ignore. Indeed, companies are putting a lot at risk for getting a bit more out of their employees.

The variety and susceptibility of mobile platforms

One of the biggest worries for any organization considering or having already implemented the policy to allow its employees to bring their own mobile devices to work is the security of the platform itself. Despite being the leaders in the mobile space for quite some time now, neither Apple nor Google have been able to get it absolutely right yet. iOS 7 debuted with a number of security flaws, whereas Android 4.4 KitKat failed to cover all bases as well, most notably the one pertaining to the malicious or glitchy apps available on Google Play. While Windows Phone and Blackberry fare better than their counterparts in the security department, they are not 100 percent secure either, especially against spyware. For any enterprise, letting such devices connect to the corporate network is indeed a huge risk.

The capacity of IT personnel to mitigate the aforementioned risks is blemished by the myriad of devices they have to deal with. It may have been somewhat easier for them to identify and reduce, if not completely eliminate a threat if they were only dealing with one kind of platform. However, that will remain a wishful thinking, as employees are unlikely to show similar preference when it comes to mobile devices. The situation is further complicated by the many iterations of the same operating system, as is the case with Android, thus making it real hard for the IT department to know what security vulnerabilities they are exactly dealing with.

Of course, the scenario is changed into a catastrophic one once jailbroken and rooted devices are considered. With the innate security features removed, the device becomes a ticking time-bomb, simply waiting to explode.

The adverse impact of apps

When employees bring their own mobile device to the office, the installed apps will naturally tag along. The organization has no way of determining what apps are present on each user’s device, where they downloaded them from, and whether they pose any degree of security risk. A glitchy or malicious app connecting to the office network can lead to several issues such as network issues, data theft, etc. Furthermore, there is no guarantee that the apps downloaded from official digital distribution channels will be secure.

Security issues rise to new and unreachable heights

Mobile platforms and glitchy apps may have traditionally been the biggest worry for organizations when it comes to BOYD, but in recent times, cloud service has become a much larger security concern. The organization loses control of the data that the employee uploads to the cloud storage, thus making it impossible for them to protect it from misuse or leakage, and also for them to remotely wipe it when the employee leaves the company. Since the adoption of cloud service is taking place at a rapid pace, the companies are increasingly facing the challenge of maintain their control over their data.

While it would be an over-exaggeration of the current scenario to state that BOYD may thin the walls of organizations’ security fortress, the risks that it poses are quite potent nevertheless. It may be possible to monitor and control the interaction of an employee’s device with the corporate network to an extent, and having a comprehensive BOYD policy and MDM in place may mitigate the issue to a large extent, but these measures cannot eliminate the risk completely. In this end, it’s for the organization to decide whether the benefits of BOYD outweigh the risk involved.

Leave a Reply

(required)

(required)


ADVERTISEMENT

Gartner

WomeninTech