10 ways to boost Bring Your Own Device security
Bring Your Own Device (or BYOD for short), is a lot more common than it was a few years ago, and you may only have heard the term used more frequently in the last year.
BYOD allows staff to use their personal devices such as smartphones, laptops and iPads to access business applications and networks, whether they are at home or in the workplace.
Companies adopting BYOD benefit from reduced hardware and software costs, but at the same time, this can open up the door to cyber threats and place additional responsibilities on IT providers to maintain devices and ensure they stay secure.
Here are some of the ways you can improve your BYOD security:
Make passwords compulsory on all devices
While this may seem like an obvious step, many choose to ignore it – and it serves as the first level of protection against data theft. Prevent unauthorised access to your company data by enforcing the use of passwords on all BYOD devices.
Passwords should be long, unique and random and different on each of your devices. If it’s easy to guess, hackers can use brute force attacks to try logging in to your account using every possible combination of characters until they get the correct password. The shorter the password, the quicker a brute force attack will be able to steal it.
Add another layer of protection with two-factor authentication, which requires employees to provide two different pieces of information to confirm their identity. Most systems use a strong password as the first factor, and the second factor can be a code, second password, facial recognition or fingerprint.
As part of your BYOD policy, VPNs allow you to securely connect any device that connects to your Wi-Fi network. Without this, there’s a risk that sensitive data could leak outside of your business.
Your employees can install a VPN on their devices, which then encrypts their data and protects incoming and outgoing traffic on the device. Even better, it prevents hackers from tracking your device or your online activity and your browser history is also hidden from prying eyes. VPNs make your secure and safe while you are on public or guest Wi-Fi.
Most paid VPNs (and you shouldn’t really use a free VPN) provide multiple simultaneous connections, allowing you to protect all your devices, be it a computer, smartphone, tablet, and even smart TVs and gaming consoles, at the same time.
Restrict data access
One of the most effective ways of managing IT security risks is to restrict data access on both BYOD and company devices. This essentially means that an employee is able to access only the data and software required to do their job.
For example, a member of your customer services team should probably not have the power to access accounts on their computer. Restricting access can reduce the effects of certain types of malware and limit the fallout in the event of a data breach.
You never want employees to store data or other information on their personal devices. The chance of theft, loss, or damage to the device means losing your sensitive information, as well as leaving it open for whoever gets hold of the device.
Blacklist or ban applications
As well as restricting data access, you can also prevent employees installing certain applications on their personal devices. This could include apps such as file sharing and social networking apps that make devices vulnerable to data theft and hacking.
Your IT provider should easily be able to secure and enforce policies on enrolled devices with a mobile device management system. However, ‘blacklisting’ applications cold be seen as crossing a line in terms of the employees privacy, so you’ll need to consider where you set boundaries before incorporating this into your BYOD policy.
Monitor network connectivity
Network connectivity is also critical to BYOD security, especially as employees are working in different locations. Eventually you may have some people in the workplace and some working from home at one time, all connected to different WiFi networks.
It is possible for your IT provider to set up network parameters to let devices connect only to trusted networks and prompt users before connecting to new or unfamiliar networks. Also encourage employees to make sure their WiFi or Bluetooth is turned off when not in use. This prevents them from unknowingly connecting to unsecure networks.
Encourage software updates
Cyber criminals frequently rely on people running outdated software, which they can then exploit. You should make a habit out of updating your software regularly, and so should employees on their personal devices.
Most modern software has automatic patching programs. Users should turn them on, and say “yes” whenever they ask to update. If your IT provider has any concerns about compatibility of updates and other applications, they should inform all users about it.
Use a ‘remote wipe’ application
As the name implies, a remote wipe is a security feature that enables an authorised person (usually an IT provider) to remotely delete data from a device. This sounds daunting, but it’s good to have and usually a last-resort solution for preventing data theft if someone’s personal device is lost or stolen.
Depending on the software used, a remote wipe can return the device to factory settings and remove all data. If data is backed up (see next point) employees can still recover data.
Back up device data
A well thought-out BYOD policy can go a long way toward reducing the risk of a security breach, but in the event that something manages to slip past your defences you need to have a process in place for restoring your data.
A reliable backup system can carry out regular or automatic backups. But don’t leave them alone – you or your IT provider should monitor backup reports daily, either manually or via an alerts system so any issues can be addressed before they escalate. Also ensure that restore tests are carried out to check you can recover files if something is deleted.
You should also make sure any sensitive data employees are handling is encrypted. This is especially important, and challenging today where email, collaboration tools (like Teams, Skype and Zoom) and even social media platforms (like LinkedIn and Twitter) are often used to communicate business information.
Because of this, it’s important that you set up encryption policies or work with a trusted partner that can implement the correct policies for your data.
Educate your employees
Ultimately, some of these measures won’t be as effective if your employees aren’t trained on safe device usage and subjects such as phishing, mobile device security. If you do not know where to start, take a look at your company and identify any gaps in security when it comes to BYOD and create training around that.
The take up of BYOD isn’t slowing down so data security should remain a top priority for businesses. If you’re interested in implementing a BYOD policy at your business or improving the one you currently have in place, get in touch with our team at firstname.lastname@example.org.