As the IT industry evolved and the usage of technology proliferated, the idea of Bring Your Own Device (BYOD) has adapted. Traditionally the concept of a BYOD policy comprised of an employee bringing their personal laptop to work. Using the personal device for work purposes was permissible via a loosely defined policy.
The rise of Internet of Things (IoT) has created challenges for IT Security teams in terms of managing the surge of personal devices that employees may attempt to connect on the work network. For example, an employee may connect a myriad of gadgets ranging from smart watches, fitness devices to smartphones.
Given that mobile security is a relatively reduced, using mobile devices within the workplace makes them a soft target for cybercriminals. Adversaries can easily gain access to corporate and personal data held on a device by compromising the smartphone. A prime reason for launching a cyber offensive on mobile devices is to obtain passwords. Often passwords are transmitted over an unencrypted platform.
Ensuring cyber security with personal devices
Establish a benchmark for when employees are permitted to use a personal device for work purposes. To establish cyber security, set rules for when employees cannot use personal devices. For example, employees who are working remotely should avoid using personal devices while connecting to a work network.
On a network each additional endpoint is a harbinger of cyber threats. Evolution of IoT devices has broadened the quantity of endpoints security teams must attempt to monitor. As opposed to conventionally where the focus remained on solitary endpoints such as computers.
Tips from TechDecoded to maintain a strong cyber hygiene while implementing BYOD practices:
- Consider monitoring all approved BYOD hardware used by employees.
- Implement stringent cyber security policies around BYOD.
- Provide training for employees including safe use of IoT devices.
- Review security protocols surrounding BYOD every six months.