Cisco mconcierge 201 9 smartphone security practices personal smartphone usage at work varies within socalled sensitive industries, or sectors that come with greater expectations of privacy and. Top security risks of implementing a byod policy and how. Ensure that the management team is aware of the risks, including insider threats, and has included byod in broader risk management. Bring your own device byod is a rapidly growing trend in businesses concerned with information technology. How to write a good security policy for byod or companyowned mobile devices. Cisco mconcierge 201 9 smartphone security practices personal smartphone usage at work varies within socalled sensitive industries, or sectors that come with greater expectations of privacy and security. Jul 29, 2016 each telework device is controlled by the organization, a third party such as the organizations contractors, business partners, and vendors, or the teleworker. To effectively manage byod, security managers need to define new strategies to manage the resulting risks. We will control access based on device identity, connection type, and network access privilege. As byod has become increasingly common and awareness of security. Best practices to make byod, cyod and cope simple and.
Apr 05, 2017 to understand device security, its critical to have some measure of control and management over devices, which is a particular challenge in the modern bring your own device byod world. While it is impossible to guarantee byod security, following these recommendations will help organizations to mitigate byod risks by securing devices. Many company security breaches result from lost or stolen devices. Pdf formats, word documents, and video in particular pose risks. Cisco identity services engine ise is the technology behind this capability. Ten tips for securing devices and reducing byod risks. However, byod has also heightened security risks for organizations. Again, you can block xss on your own network, but not on the devices of your employees.
Effects of bring your own device byod on cyber security. Bringing down security risks with a byod encryption policy. How byod brings security risks into corporate networks. It needs to mandate the use of uptodate security software on all devices, ensure that all locallystored. Users guide to telework and bring your own device byod security. Nov 05, 2017 despite concerns about bring your own device byod security risks, employees over the past years have enjoyed the multiple benefits of byod. The it guide to handling byod security risks in the workplace. Bring your own device byod is a current industry trend that allows employees to use their personal devices such as laptops, tablets, mobile phones and other devices, to connect to the internal network. Sep 14, 2016 byod bring your own device is the policy where employeeowned devices are used in a business. Find out the best way to keep smartphones and tablets safe from hackers and the dangers of public wifi and usb ports. The national institute of standar ds and technology lists these high level threats and vulnerabilities of mobile devices. Without a coherent, comprehensive strategy for byod, cyod or cope, encompassing both policy and. These tips should serve as a byod security best practices guide for end users and itsecurity teams alike.
Here are the ways your organization can address the five biggest byod security risks. Without a coherent, comprehensive strategy for byod, cyod or cope, encompassing both policy and technology, an organization can face significant risks from security and compliance gaps to escalating it complexity. An analysis of the key risks and how existing control mechanisms. With these new changes come new security risks, so how do we address them. Overcoming challenges, creating effective policies, and mitigating risks to maximize benefits. Byod, offers productivity benefits that are hard to ignore. Dont mandate security solutions without engaging users first otherwise employers risk losing productivity from nearly 50% of employees acknowledge the employees byod concerns and personal privacy when setting mobile security policy by using a. Find out the best way to keep smartphones and tablets safe from hackers and the dangers of public wifi and. Guide to enterprise telework, remote access, and bring. Theres no silver bullet for byod security, but in this article, enterprise information security pros share their strategies for. For most companies, it makes sense to embrace the byod trend and capitalize on the benefits it offers, such as increased employee productivity and greater.
Users guide to telework and bring your own device byod. Byod presents a unique list of security concerns for businesses implementing byod policies. Cisco mconcierge international association of privacy. Analysis of security controls for byod bring your own device. Attackers are quick to exploit design flaws or architectural weaknesses. Getting that sales contact information backed up off the mobile device and onto the company crm system is a priority. When it comes to dealing with byod and its attendant risks, the best defense may be a good offense. These tips should serve as a byod security best practices guide for end users and it security teams alike. Currently, were working on a fourth byod security capability. Indeed, organizations are exposed to risks such as the loss or theft of sensitive information, malware targeting mobile devices including the. To understand device security, its critical to have some measure of control and management over devices, which is a particular challenge in the modern bring your own device. The challenge remains to identify security risks associated.
Foster a culture of awareness around byod security and privacy through periodic newsletters, emails, intranet posts, etc. Each telework device is controlled by the organization, a third party such as the organizations contractors, business partners, and vendors, or the teleworker. An analysis of the key risks and how existing control mechanisms address them is also conducted. Reducing the risks of byod in the enterprise free pdf. This ebook identifies areas of concern and outlines the steps you can take to protect company. To give you more of an idea, here are the top security risks of implementing a byod policy. Ensure that the management team is aware of the risks, including insider threats. It needs to mandate the use of uptodate security software on all devices, ensure that all locallystored data is backed up on a regular basis and include a procedure allowing you to remotely wipe devices that are lost or stolen. According to a 20 ernst and young study on byod, about 22% of all mobile devices produced will be. But at the same time, byod faces a fair amount of criticism, with lax security at the forefront of concerns. Like in other industries, use of mobile devices is prevalent in healthcare. The risks of social media in the workplace in addition to the risks of byod, there is an increasing risk from the use of social media, both by the organisation and by its employees individually. The reality is that many people are already bringing their own devices to work, whether sanctioned or not. Understanding the security risks of byod adoption in the workplace including liability, ramifications, security breaches, data storage and retrieval.
An informed user is more likely to buy into byod security requirements. The 2016 byod and mobile security report focuses on these security challenges and offers fresh insights on the state of mobile threats and solutions. If you want to show potential clients around your premises, you want to be welcoming and allow them to connect to your network, but you also need to show that your company has tight. Bring your own device byod an information security. Dont mandate security solutions without engaging users first otherwise employers risk losing productivity from nearly 50%. Bring your own device byod and acceptable use policy security of information, and the tools that create, store and distribute that information are vital to the longterm health of our. Indeed, organizations are exposed to risks such as the loss or theft of sensitive information, malware targeting mobile devices including the increasingly popular android operating system as well as the ease with which attackers can access confidential business information. According to a 20 ernst and young study on byod, about 22% of all mobile devices produced will be lost or stolen during their lifetime and about 50% of all these lost or stolen devices will never be recovered. How cisco it designed a secure byod architecture cisco. Top security risks of implementing a byod policy and how to.
Malicious software malware also threatens device and data security. Zdnet says security is the most common reason for businesses for avoiding. Attackers are quick to exploit design flaws or architectural weaknesses that can be used to steal data, sabotage networks or siphon funds. Best practices to make byod, cyod and cope simple and secure. According to a recent survey by harris interactive and eset, more than 80% of employed adults use some kind of personally owned electronic device for. So too have employers, who are unlikely ever to stop staff from bringing their own devices to work or using them remotely for work purposes. Sep 23, 2014 currently, were working on a fourth byod security capability. Todays enterprises struggle to balance byod risks and rewards. White paper best practices to make byod, cyod and cope simple and secure. Addressing the 5 biggest security risks ccb technology.
How to write a good security policy for byod or company. Jun 21, 20 how byod brings security risks into corporate networks. Smartphones are the most common device used in byod settings, although laptops, tablets, and usb drives are also commonly brought into the workplace. Here are the ways your organization can address the five biggest byod. Bring your own device byod is one of the most complicated headaches for it departments because it exposes the entire organization to huge security risks. Bring your own device byod policies are making a significant impact on the workplace. Jun 01, 2018 bring your own device byod is one of the most complicated headaches for it departments because it exposes the entire organization to huge security risks. The number of external devices that can now connect to a company that implements a byod policy has allowed for a proliferation of security risks. Your own device byod initiatives whereby employees use their own mobile devices to perform work tasks the security risks have increased significantly and the need for effective mobile security. Despite concerns about bring your own device byod security risks, employees over the past years have enjoyed the multiple benefits of byod. Many tech providers offer byod security solutions that address security vulnerabilities while satisfying user privacy. With corporate data on a personal device, it is especially important that organizations. However, security issues are slowing the adoption of byod.
Your security policy should address the common risks of byod. For it security teams, the new risks typically include security vulnerabilities. In addition, this paper introduces the byod policy and management practices at verizon wireless as an organizational case study for analysis and recommendations on how to mitigate security risks. A user who does not understand their companys byod security policy is an instant vulnerability. In the past five years alone, weve seen a number of significant shifts in technology and workplace culture. Byod provides opportunities for organizations to improve productivity, efficiency, and agility of a mobile workforce. What are the main drivers and benefits of byod for. Jan 02, 2019 solutions to byod physical security risks if you cant stop remote employees from using their own devices, the only option is to embrace the practice and control access to information. The ultimate guide to byod bring your own device in 2020. Guide to enterprise telework, remote access, and bring your own device byod security. The ico also highlights the byod risks associated with increased monitoring at work by the technical measures that the company could put in place in order to ensure the security of the company.
This paper focuses on two key byod security issues. How to write a good security policy for byod or companyowned. Byod, security controls, nac, mdm, mam, virtualization. Apr 06, 2018 byod provides opportunities for organizations to improve productivity, efficiency, and agility of a mobile workforce. Holding off from adopting a byod policy is an uphill battle. Xss where hacker code is injected into web pages and downloads onto the device when the page is loaded into the browser. They may also do it to save money by eliminating the need for company plans and devices. People can inadvertently download a malicious app, click on a malicious.
Those industries for the purposes of this study included healthcare, legal and banking sectors. This whitepaper explains the risks and rewards of byod, and shows you how you can adopt byod in your workplace while protecting your data. Your own device byod initiatives whereby employees use their own mobile devices to perform work tasks the security risks have increased significantly and the need for effective mobile security technologies is greater than ever. Apr 03, 2018 how to write a good security policy for byod or companyowned mobile devices. Employers create byod policies to meet employee demands and keep employees connected.
625 969 437 937 81 311 300 430 1284 1362 1135 82 72 1474 1513 1306 812 244 416 362 651 1081 423 103 304 386 328 1196 998 912 1266