Those industries for the purposes of this study included healthcare, legal and banking sectors. The national institute of standar ds and technology lists these high level threats and vulnerabilities of mobile devices. Analysis of security controls for byod bring your own device. Jun 21, 20 how byod brings security risks into corporate networks. But at the same time, byod faces a fair amount of criticism, with lax security at the forefront of concerns. Without a coherent, comprehensive strategy for byod, cyod or cope, encompassing both policy and technology, an organization can face significant risks from security and compliance gaps to escalating it complexity. Nov 05, 2017 despite concerns about bring your own device byod security risks, employees over the past years have enjoyed the multiple benefits of byod. When it comes to dealing with byod and its attendant risks, the best defense may be a good offense. Bring your own device byod is one of the most complicated headaches for it departments because it exposes the entire organization to huge security risks. Users guide to telework and bring your own device byod security. Best practices to make byod, cyod and cope simple and secure.
An informed user is more likely to buy into byod security requirements. This whitepaper explains the risks and rewards of byod, and shows you how you can adopt byod in your workplace while protecting your data. White paper best practices to make byod, cyod and cope simple and secure. Zdnet says security is the most common reason for businesses for avoiding. Indeed, organizations are exposed to risks such as the loss or theft of sensitive information, malware targeting mobile devices including the. Bringing down security risks with a byod encryption policy. Ten tips for securing devices and reducing byod risks. However, security issues are slowing the adoption of byod. Holding off from adopting a byod policy is an uphill battle. Cisco identity services engine ise is the technology behind this capability. Byod provides opportunities for organizations to improve productivity, efficiency, and agility of a mobile workforce. So too have employers, who are unlikely ever to stop staff from bringing their own devices to work or using them remotely for work purposes. The it guide to handling byod security risks in the workplace.
Jun 01, 2018 bring your own device byod is one of the most complicated headaches for it departments because it exposes the entire organization to huge security risks. For most companies, it makes sense to embrace the byod trend and capitalize on the benefits it offers, such as increased employee productivity and greater. Bring your own device byod and acceptable use policy security of information, and the tools that create, store and distribute that information are vital to the longterm health of our. People can inadvertently download a malicious app, click on a malicious. Find out the best way to keep smartphones and tablets safe from hackers and the dangers of public wifi and usb ports.
Getting that sales contact information backed up off the mobile device and onto the company crm system is a priority. A user who does not understand their companys byod security policy is an instant vulnerability. According to a 20 ernst and young study on byod, about 22% of all mobile devices produced will be lost or stolen during their lifetime and about 50% of all these lost or stolen devices will never be recovered. However, byod has also heightened security risks for organizations. What are the main drivers and benefits of byod for. Top security risks of implementing a byod policy and how. Here are the ways your organization can address the five biggest byod. Smartphones are the most common device used in byod settings, although laptops, tablets, and usb drives are also commonly brought into the workplace. Understanding the security risks of byod adoption in the workplace including liability, ramifications, security breaches, data storage and retrieval. Addressing the 5 biggest security risks ccb technology. With corporate data on a personal device, it is especially important that organizations.
According to a 20 ernst and young study on byod, about 22% of all mobile devices produced will be. Xss where hacker code is injected into web pages and downloads onto the device when the page is loaded into the browser. These tips should serve as a byod security best practices guide for end users and it security teams alike. Dont mandate security solutions without engaging users first otherwise employers risk losing productivity from nearly 50% of employees acknowledge the employees byod concerns and personal privacy when setting mobile security policy by using a. How to write a good security policy for byod or company. While it is impossible to guarantee byod security, following these recommendations will help organizations to mitigate byod risks by securing devices. Your own device byod initiatives whereby employees use their own mobile devices to perform work tasks the security risks have increased significantly and the need for effective mobile security. If you want to show potential clients around your premises, you want to be welcoming and allow them to connect to your network, but you also need to show that your company has tight. This ebook identifies areas of concern and outlines the steps you can take to protect company. Guide to enterprise telework, remote access, and bring your own device byod security. The risks of social media in the workplace in addition to the risks of byod, there is an increasing risk from the use of social media, both by the organisation and by its employees individually.
The challenge remains to identify security risks associated. The ultimate guide to byod bring your own device in 2020. Find out the best way to keep smartphones and tablets safe from hackers and the dangers of public wifi and. Byod, security controls, nac, mdm, mam, virtualization.
Currently, were working on a fourth byod security capability. Apr 06, 2018 byod provides opportunities for organizations to improve productivity, efficiency, and agility of a mobile workforce. Todays enterprises struggle to balance byod risks and rewards. Cisco mconcierge 201 9 smartphone security practices personal smartphone usage at work varies within socalled sensitive industries, or sectors that come with greater expectations of privacy and. This paper focuses on two key byod security issues. The 2016 byod and mobile security report focuses on these security challenges and offers fresh insights on the state of mobile threats and solutions. Reducing the risks of byod in the enterprise free pdf.
Guide to enterprise telework, remote access, and bring. Bring your own device byod an information security. The number of external devices that can now connect to a company that implements a byod policy has allowed for a proliferation of security risks. Apr 05, 2017 to understand device security, its critical to have some measure of control and management over devices, which is a particular challenge in the modern bring your own device byod world.
Sep 14, 2016 byod bring your own device is the policy where employeeowned devices are used in a business. Bring your own device byod policies are making a significant impact on the workplace. Bring your own device byod is a current industry trend that allows employees to use their personal devices such as laptops, tablets, mobile phones and other devices, to connect to the internal network. Indeed, organizations are exposed to risks such as the loss or theft of sensitive information, malware targeting mobile devices including the increasingly popular android operating system as well as the ease with which attackers can access confidential business information. Byod risks and rewards how to keep employee smartphones, laptops and tablets secure by gerhard eschelbeck, chief technology officer. Each telework device is controlled by the organization, a third party such as the organizations contractors, business partners, and vendors, or the teleworker. How cisco it designed a secure byod architecture cisco. Ensure that the management team is aware of the risks, including insider threats. Attackers are quick to exploit design flaws or architectural weaknesses.
We will control access based on device identity, connection type, and network access privilege. With these new changes come new security risks, so how do we address them. Jan 02, 2019 solutions to byod physical security risks if you cant stop remote employees from using their own devices, the only option is to embrace the practice and control access to information. Effects of bring your own device byod on cyber security. Employers create byod policies to meet employee demands and keep employees connected. For it security teams, the new risks typically include security vulnerabilities. It needs to mandate the use of uptodate security software on all devices, ensure that all locallystored. Jul 29, 2016 each telework device is controlled by the organization, a third party such as the organizations contractors, business partners, and vendors, or the teleworker. Overcoming challenges, creating effective policies, and mitigating risks to maximize benefits.
Without a coherent, comprehensive strategy for byod, cyod or cope, encompassing both policy and. Your own device byod initiatives whereby employees use their own mobile devices to perform work tasks the security risks have increased significantly and the need for effective mobile security technologies is greater than ever. Again, you can block xss on your own network, but not on the devices of your employees. Here are the ways your organization can address the five biggest byod security risks. According to a recent survey by harris interactive and eset, more than 80% of employed adults use some kind of personally owned electronic device for. How to write a good security policy for byod or companyowned. To give you more of an idea, here are the top security risks of implementing a byod policy. An analysis of the key risks and how existing control mechanisms address them is also conducted. In the past five years alone, weve seen a number of significant shifts in technology and workplace culture. Best practices to make byod, cyod and cope simple and. How byod brings security risks into corporate networks.
In addition, this paper introduces the byod policy and management practices at verizon wireless as an organizational case study for analysis and recommendations on how to mitigate security risks. Pdf formats, word documents, and video in particular pose risks. To effectively manage byod, security managers need to define new strategies to manage the resulting risks. Users guide to telework and bring your own device byod. They may also do it to save money by eliminating the need for company plans and devices. Top security risks of implementing a byod policy and how to. Bring your own device byod is a rapidly growing trend in businesses concerned with information technology. Sep 23, 2014 currently, were working on a fourth byod security capability.
The reality is that many people are already bringing their own devices to work, whether sanctioned or not. Apr 03, 2018 how to write a good security policy for byod or companyowned mobile devices. Byod presents a unique list of security concerns for businesses implementing byod policies. Foster a culture of awareness around byod security and privacy through periodic newsletters, emails, intranet posts, etc. How to write a good security policy for byod or companyowned mobile devices. As byod has become increasingly common and awareness of security. Cisco mconcierge 201 9 smartphone security practices personal smartphone usage at work varies within socalled sensitive industries, or sectors that come with greater expectations of privacy and security. An analysis of the key risks and how existing control mechanisms. Many tech providers offer byod security solutions that address security vulnerabilities while satisfying user privacy. To understand device security, its critical to have some measure of control and management over devices, which is a particular challenge in the modern bring your own device. Many company security breaches result from lost or stolen devices. The ico also highlights the byod risks associated with increased monitoring at work by the technical measures that the company could put in place in order to ensure the security of the company. Malicious software malware also threatens device and data security.