Friday, 11 January 2013
“It’s Just Email”: Misconceptions About BYOD Risks
Do you like this story?
The consumerization of IT — allowing employees to use their
own devices for work functions — brings with it a host of security concerns
that must be addressed. Because, as Trend Micro reports, many employers are shifting to a bring-your-own-device
(BYOD) environment in an effort to increase productivity and follow current
trends — it’s important for IT departments (and employees) to understand what
such a shift means in terms of security and avoid common misconceptions that
often lead to security issues.
How Criminals Use Mobile Devices to Access Data
With smartphones and tablets enabled to perform almost any
task that a computer can, employees are using their mobile devices to do
everything from check email to produce quotes for customers. Mobile devices
serve both as on-the-go storage devices, full of contacts and proprietary
information, and a means of access to a corporate network.
The simplest way that criminals can access corporate
networks and steal data is by getting their hands on the device. Every day,
hundreds of mobile devices are lost or stolen. In some cases, the theft is
deliberate, but in others, criminals just get lucky. Loss and theft is a
definite concern among IT security professionals, but the greater security risk
comes from the phone itself. Viruses, malware and madware specifically targeted
to mobile devices are becoming increasingly common. Employee devices may become
inadvertently infected with this harmful software via a malicious app or by the
user opening an email or instant message on their phone. The app works in the
background, collecting data such as contact lists, calls made and messages
sent, or by monitoring logins to the company network.
When a criminal accesses the company network via a
cloud-based service or an employee’s password-protected access, he can then
cull information and data from the internal servers and transfer it to an
external server — often before anyone notices that there is a problem.
Protecting Devices Requires a Plan
Although many companies mistakenly believe that accessing
email — or other company networks — via mobile devices without safeguards isn’t
really dangerous, just as many organizations mistakenly believe that protecting
their network is difficult or impossible.
Securing your data in the BYOD environment requires a
two-pronged approach: a comprehensive mobile-device-management (MDM) protocol
coupled with data-protection solutions that limit access to the network without
proper authentication and regularly audit the network for unauthorized or
unusual access.
As part of the MDM plan, employees need to let go of the
notion that they maintain full control of the devices they use for work. The
best security plans allow for a certain amount of freedom — obviously,
employees will be using their devices for personal reasons — with restrictions
and safeguards. Acceptable-use policies, for example, may govern which websites
or apps an employee can access with a work device, and remote locking or wiping
capabilities will be employed when the device is lost or stolen or after a
certain number of failed log-in attempts.
Understanding the realities of the BYOD environment and
taking necessary precautions will save businesses time, money and public
relations’ nightmares. Employees need to understand that the freedom to use
their preferred device comes with some responsibilities and limitations — and
that their email (and social media and app use) does make a difference and
needs to be protected.
"Dont forget to subscribe,join my site for new Games and softwares Updates,and to leave comments!"
This post was written by: Author Name
Author description goes here. Author description goes here. Follow him on Twitter
Subscribe to:
Post Comments (Atom)
0 Responses to ““It’s Just Email”: Misconceptions About BYOD Risks”
Post a Comment