Bringing Your Own Device? 7 Security Concerns for Small Business
By Kwang Edeker - January 15, 2019
As smartphones, laptop computers, and tablets blur the line between work and home, employees want to use their own devices to contribute from anywhere and at any time.
With “77% of small businesses using mobile technology,” and adoption trends on the rise, many companies see "Bring Your Own Device" (BYOD) policies as a way to support an increasingly mobile workforce while at the same time lowering costs associated with mobile technology ownership.
There are obvious concerns for BYOD security when workers use their own devices for business tasks. Consider these IT security and risk management questions before you introduce BYOD into your business strategy:
- Can you support them? Supporting employee-owned devices can be tricky. Operating systems and devices vary. Some employees have support agreements with manufacturers or carriers. Without a dedicated IT department, you’ll need to rely on the employee or trusted service providers. If you do have in-house IT, do they have the capabilities and training to support varied devices?
- Software updates? Apps and operating systems are continually updated. These updates often involve security patches. If you don’t have centralized control over devices and rely on the end-user to install updates, how will you verify these updates are done properly and when they’re needed?
- Personal and Business Data together? Employee-owned devices contain personal data such as contacts, account information, apps, financial information, passwords, and more. How you will keep business data secure and separate from personal information?
- Loss, theft, upgrades, and termination? Stuff happens, but this time your business information is at risk. Do you have a system in place for device location and remote data wiping? If an employee upgrades their device or is terminated, how will you make sure your data is removed and migrated securely? Or does another family member, friend, or competitor have it now?
- Data Protection and Leaks? The mobile workforce is… well, mobile. As a business owner, you don’t always have control over where and when they connect. Home networks, coffee shops, and other public Wi-Fi access points are notorious for lacking security. What measures will you have in place to prevent unauthorized access to your business data?
- Do you have a BYOD Policy? Allowing your employees to bring their own devices requires you to create policies regarding their usage. Will you have reimbursement plans or allowances? What about employer access to passwords, application installation, and end-point security programs? Do both parties have a clear understanding of each other's rights and responsibilities?
- Implement MDM software and policies? Implementing Mobile Device Management (MDM) software and policies into your mobile strategy helps lower your exposure to cyber-attack by allowing IT administrators to control, support, and secure endpoint devices. MDM software is not a security technology but can provide features like device location and data wiping. Having an MDM policy in place also helps mitigate invasion of privacy or similar lawsuits.
Don’t let BYOD security challenges keep you from putting mobility into your 2019 business strategy. Properly documented and mutually understood IT security measures provide an additional layer of trust with your employees, business partners, and customers. Don’t wait. Start realizing the cost savings, employee satisfaction, and increased productivity of BYOD in your business.
As BYOD quickly becomes a new standard, device security and management policies will help you mitigate security and human resources issues that may arise. If you need help, consider partnering with a managed IT services provider to secure and execute your BYOD plans.