Concord Technology Group

At Your Service - call 1-866-242-2775

7890 Forest Valley Lane
Concord Township OH, 44077

 

Whose device is it anyway?

News > Whose device is it anyway?

Whose device is it anyway?

 

No one set out to launch the BYOD (Bring Your Own Device) phenomenon - it just happened, the inevitable result of increased reliance on mobile devices in the workplace. Workers like the flexibility and convenience; employers like benefitting from tech without paying for it. A recent survey showed that more than 60 percent of small businesses are already allowing BYOD.

The survey did not indicate how many of those businesses have policies in place, or have even thought through all the implications. Here are some things to consider if you allow, or are considering allowing, a BYOD culture in your company.

Security

Network World poses an easily imagined scenario: An employee loses the personal smart phone he or she uses for work.

"Does the employee know how to notify the correct people in case his or her device is lost? Let's say the employee calls the security office and says, 'My personal phone is gone. I use it to access company resources, and I don't think it was securely locked.' Does the company have all the information necessary to take all the proper actions, including the telephone number, carrier, manufacturer and model, serial number, and other characteristics? Can the company respond in an effective way? Can it respond instantly, including nights, weekend and holidays? If not, you've got a real problem."

In addition to data stored on the phone, there are other areas of vulnerability, including cloud access, shared apps and stored passwords. In the wrong hands, a device is like a key to your front door.

MDMs and Privacy

Mobile device management (MDM) software offers some security in the event of loss or theft, among other controls. But it's also easily abused. Data protection company Bitglass recently found that several popular MDM systems "enabled [administrators] to see the contents of employees' personal email inboxes, social networking accounts and even banking information. Notably, the usernames and passwords used to log into sensitive accounts, including personal banking accounts, were transmitted through the corporate network in plain text. MDM also gave the Bitglass team visibility into users' app downloads and browsing history, which exposed sensitive search queries, including several health-related searches."

They were also able to track device users' movements through GPS, even nights and weekends. Snooping on employees' whereabouts and personal data could open a company up to legal action and a PR nightmare, even if it wasn't authorized by management.

Licensing

How much do you know about the licensing requirements for the applications your employees use on their devices? Many apps are free or inexpensive for individuals, but more costly for businesses - and an employee who uses one for both types of work could inadvertently put the employer at risk.

"Crucially, the responsibility here lies with the employer," reports ITProPortal.com. "Companies must always ensure they have the correct licensing of software when utilizing it for business objectives. This is true not only for the software use of full time employees, but also for the licensing of the software used by freelancers.

"Large vendors in particular take notice of software usage by freelancers, even if they're not under contract at the time of the audit. Auditors do not start by counting how many people work for a company. They look at annual figures, interviews and statements from organizations. Therefore, it is wise to include the licensing of freelancers in larger contracts up-front."

BYOD helps SMBs stay agile, but it's essential to understand the risks. For advice on tools and policies, contact us today.