Should you be concerned about bring your own device policies?

Find out more

In the last decade bring your own device (BYOD) has become a phenomenon amongst UK business with employees checking their emails on their phones, or bringing in their personal laptop to work from different locations throughout the day. In fact, the global market for the trend is expected to reach $181.39bn this year as more companies look into ways to implement BOYD policies. But with hacking scandals dominating the global news agenda, is bring your own device the best option for business?

Employers who have already implemented BYOD policies cite benefiting from greater employee motivation and engagement, as well as reduced overheads and improved work environments. Many find that employees work more efficiently using devices and operating systems they are better accustomed to and when they have the flexibility to move around and work in different locations throughout the day. Employers also frequently see improved motivation, as employees have the flexibility to work at a time, and in a place, that suits them.

However, having various different handsets can prove challenging to maintain, and a fragmented approach can put businesses at greater risk from outside hacking. In fact, 80 per cent of directors say that the complexity of configuring access privileges adds additional strain to IT departments. When creating a comprehensive BYOD policy, businesses need to establish how they can ensure that all devices have adequate measures in places to protect secure business data.

For some businesses, this will be installing the same security software across all portable devices, while others may opt to use secure messenger platforms such as NetMe or Cypeers. These end-to-end encrypted platforms will allow employees to send information securely from any device, and are a simple way of keeping sensitive data secure.

Despite the initial investment associated with securing personal devices as part of a BYOD policy, the long-term implications of failing to take proactive measures can be far more expensive. Regardless of whether a business is hacked due to human error, or as a result of aggressive malware or ransomware, the financial and reputational costs associated with losing customers’ personal data or critical business information are substantial.

With the General Data Protection Regulation (GDPR) coming into effect on 25 May 2018, this reputational risk will only increase. The new EU wide regulation requires companies to report a breach within 72 hours, or face fines of up to €20m or four per cent of global annual turnover - whichever is higher. However, a comprehensive BYOD policy can actually play a significant role in an organisations preparation for GDPR and ultimately compliance.

When creating a BOYD policy that remains compliant with the GDPR, employers should consider how to make the configuration of devices easy, and think about ways to ensure that employees can access secure data conveniently. If employees find it difficult or time consuming to access vital information, its far more likely that they find workarounds.

Though the repercussions of BYOD can be high, especially for large scale corporations with large and complex network infrastructures, it can provide smaller companies with a great sense of flexibility. Whether you’re a large company or a SME, it’s important that your keep security front of mind, and that you create a holistic BYOD policy.

If companies decide to implement BYOD, they need to carefully consider how they can ensure that devices used for work purposes are maintained to the highest security level. Companies can also take out specific insurance policies to help protect themselves against the financial risk associated with a data breach.

However, for companies that decided the risks aren’t worth taking, an alternative option would be to offer employees a standard company mobile, with secure networks pre-installed, such as the Genio mobile.

Regardless of which decision you make as a business, it’s crucial they you ensure that your IT department is consulted throughout the decision-making process, and are prepared to make necessary security checks. If you have some additional budget, it is also worth looking into bringing in an additional third-party professional to make sure that there are no gaps left in your network.

Social Bookmarks