In today’s age of smartphones and abundant Wi-Fi, it has become second nature for us to use our phones for both work and play. While some organizations choose to provide phones to their employees, the Bring Your Own Device (BYOD) model quickly took hold due to its convenience and lack of initial cost to employers. Unfortunately for business owners, BYOD also drastically complicates data security.
In a report compiled by Network World, Alfred Yen, the associate dean at Boston College Law School, reported that security is the major issue with BYOD policies. According to Yen, foreign devices pose a major threat as they could be intentionally or unintentionally, transporting malicious malware and/or viruses. Smartphones provide a unique means of breaching corporate security, as they are carried directly onto the premises and are connected directly to business networks.
While BYOD might be dangerous, there are ways to take action. According to Dalia Topelson Ritvo, the Assistant Director of Cyberlaw at the Berkman Center for Internet and Society, it is best for companies to create clear policies in regards to the appropriate use of devices. Ritvo’s solution is rather simple, and relies heavily on the implementation of cloud technology.
Ritvo believes that employees should always maintain two separate email accounts (personal and business) and take advantage of remote or cloud based access to company systems. By implementing a cloud-based solution, employers can limit the access to important files while ensuring that documents remain on the network and not a personal device.
BYOD makes maintaining regulatory compliances much more difficult, especially when it comes to document retention and management laws. According to Ritvo, once data ends up on external devices, it is almost impossible to audit and ensure the necessary protocols are being followed. This is why strong policies must be in place should you allow your employees to use their own devices.