Bring Your Own Device (BYOD) is all the rage these days. More employees are using personal devices to access company data, and it looks like employers are actually embracing this trend – according to Gartner, by 2017 half of employers will require employees to supply their own device for work purposes.
Seems like a win-win for everybody, right? Well, not quite. Here’s why:
Mobile malware is on the rise, targeting primarily Android.
In 2015, most mobile apps will not have basic business-acceptable security protocols in place.
By 2019, wearables will become an integral part of enterprise mobility strategies.
Increased mobility comes with higher risks of having a mobile device lost or stolen – and this is most IT professionals’ top concern with regards to mobility.
What does this all mean? More mobile devices – of different make and model – used to carry and access company data will be vulnerable to more mobile security risks.
So while BYOD brings lots of benefits for both employees and employers, the trends behind this phenomenon are putting a strain on company data security. Which, if compromised, can cost the company much more than what it actually costs to implement BYOD. This is why companies have to broaden the scope of their BYOD policies to cover all types of devices and apps used by employees, and more importantly, put data security at the heart of these policies.
The data security checklist
Clearly, basic mobile device management features, such as wipe, lock and track a device remotely, are not enough anymore to protect data travelling through different channels – off a device, through USB ports, email and all kinds of apps, into the cloud.
Besides those basic features, a strong BYOD policy should cover core security functionalities to allow a company to build on them, should future trends require such measure. [Tweet this]
Here are the 5 core security functionalities a strong BYOD needs to check:
Data encryption, for data residing on the employee’s device and for data transiting different channels.
Application access control, using policy-based firewall and IPS/IDS.
Mobile malware detection and removal, to ensure clean devices enter the company and to keep them malware-free throughout their use.
Real-time app and website scanning, to make sure the device does not get infected by malicious apps or websites when the employee wants to download/access them.
App permission management, to allow employees to see exactly what types of information does an application require permission to access and share with the application vendor.
Tips for Mobile Device Management / Mobile App Management service providers
If you’re providing companies with MDM/MAM, you know your solution plays a key part in any BYOD policy. And if you haven’t got core security functionalities integrated into your solution, you might want to get them. Don’t limit yourself to just managing the device or the apps, when you can also manage the app permissions. And why not go beyond management functionalities, and add a mobile antimalware engine to deliver proper mobile protection?
Think of how much time and effort companies would save if there was one solution provider to meet all the security concerns caused by evolving BYOD trends. Are you up for the challenge?