BYOD; How to keep your company data secure.
Posted 16th March 2021
With increased remote working, more and more businesses are beginning to accept that team members will be completing work-based tasks on their own devices. Using your own device for work (also known as BYOD) has become an increasing workplace feature as more employees purchase smart devices. Many companies have good reason to encourage team members to access work tasks on their personal phones and tablets, with a report by Aperian stating that most employees felt more productive when using their own devices.
However, even before the introduction of GDPR, the use of BYOD has been identified as posing significant security risks to companies and organisations. Aside from the chances of corporate information falling into the wrong hands due to personal device loss or theft, there are also the chances of malware outbreaks as a result of less rigorous security compliance procedures. So, how can businesses ensure that their corporate data is safe on their employees’ personal devices?
Mobile Device Management
Mobile Device Management (MDM) is frequently used by businesses to provide them with visibility and control over any company-owned devices used by team members. Essentially, it provides visibility and control over any endpoints that it is installed on. This means that it is possible to remotely wipe data from a device and block apps from interacting and accessing any company data or information. The best MDMs can also containerise data and protect it with a password or thumbprint, meaning that they don’t impact on the staff member’s personal apps.
Whilst employees may question the addition of a company-controlled device manager onto their personal devices, when implemented and managed by a Cyber Essentials certified company, this may mitigate any concerns. LP Networks offer Cisco Meraki System Manager, which is considered one of the best in its class.
Train your staff to spot dangers
Even with an excellent BYOD policy in place, it’s still vital that your team are trained and educated in spotting the dangers of a malware or phishing attack. It’s a sad fact that 80% of breaches or attacks are caused by fraudulent emails and email redirects. Setting up a well-planned and effective user awareness education programme can help to maintain and prove compliance.
Improve your endpoint security
Endpoint security adds another layer to your network and helps to protect every device that accesses your network from criminals and hackers. This includes devices that are being used remotely. Having effective endpoint security in place can also be used as proof that your business is meeting Cyber Essentials and GDPR requirements.
Securing the Link
One key layer of security is when establishing the data connection to the business network and in-transit movement of data. Providing either a secure VPN or Secure Gateway between the endpoint and the business data can help ensure both users only access services or data that they should and also the transfer of data is encrypted.
If you are a business that has staff members using their own devices, contact us to see how we can help protect your company data.