Trying to stay ahead of cyber attacks is a headache for most companies. Another pain point is securing employee-owned devices, which puts an extra burden on IT.
As a result, personal devices are often overlooked or security is limited to the secure business applications used on the devices, according to Gaider Magdanurov, chief success officer at Acronis.
This means that employees are transferring company data to personal devices and sharing through unsafe channels such as personal email or file sharing applications. Or, they’re storing data in device memory outside of secure corporate applications. While this may be convenient for employees, it does create significant security risks for small and medium-sized businesses (SMBs).
The habit of using your own device (BYOD) has long been a slippery slope. These devices move in and out of secure corporate spheres and are often connected to insecure public networks – potentially disclosing data to third parties, Magdanurov said.
Devices can be lost or stolen, and without a device management solution, the ability to remotely delete and block devices is not an option for IT.
“The bottom line is that the moment data reaches an employee-owned device, IT loses control over it and can provide little help in securing data and devices,” Magdanurov said.
Advantages and disadvantages of BYOD
Most small businesses typically rely on employees using their own devices, as issuing company-owned devices can over-expand the IT budget. In addition to cost savings, another benefit of BYOD is increasing employee productivity. People who are using their own devices for both personal and work gain more flexibility.
However, although BYOD reduces the load on the device collection, IT or a managed service provider (MSP) must emphasize the software that protects those devices, says Magdanurov. This is because employees have conveniently occupied and sometimes now use multiple devices, which expands the surface of the attack and creates additional complexity. Also, as remote work skyrocketed during the epidemic, IT companies saw their controls loosen.
“The expansion of BYOD and the tendency of employees to disable security controls on their home networks and on their own devices has dramatically increased exposure to security threats and increased the burden on IT companies,” Magdanurov said.
How to secure BYOD seamlessly and secure company data
SMBs can take certain steps to protect both employee devices and company data. Analyze first how personal devices are used and what applications and data are needed on those devices, says Magdanurov.
“Then, introduce a policy for BYOD and train employees on the policy. This includes what applications should be used, how data should be handled, what to do if there is a problem with the device, and how to recover if the device is lost or stolen, “he said.
Software tools for the BYOD policy should include:
- Restrict data access and prevent data leaks
- Monitoring tools for detecting data and providing insights into data access patterns
- Identify suspicious behavior and prevent access to sensitive data in insecure locations.
Another important step is regular employee safety training in the vicinity of phishing. For example, educate employees about how easily hackers deceive individuals to reveal sensitive information and the need to be vigilant while on the company’s network.
“Many organizations forget about training or do it informally,” says Magdanurov, “but employees are at risk for security threats, and untrained employees are much greater security risk than BYOD.”
Click Here See how Acronis can help improve your security posture.
Copyright © 2022 IDG Communications, Inc.