With more companies realising the benefits of allowing their employees to use their personal devices such as smartphones, tablets, laptops and external storage drives to access enterprise data and systems, Bring Your Own Device (BYOD) is fast becoming the new workplace standard. BYOD improves productivity and at the same time, bring about cost savings for the company. Despite the benefits, BYOD is not without its perils when it comes to security. Devices could be lost, stolen or compromised, putting a company at risk of losing sensitive data. According to a recent Trend Micro study, 46.5% of enterprises that allowed employees to access their network via their own devices experienced some form of data breach.
To minimise the potential risks and ensure a secure work environment, companies need to take steps to implement a formal BYOD policy and educate their employees on the importance of following these rules.
Here are some basic measures to get you started on implementing BYOD securely in your company:
- Maintain a list of linked personal devices that can be used to access the business network. Awareness of the devices that employees are using to access business data is important in a good BYOD policy. In the event of a breach, the source can be traced easily and host applications blocked immediately.
- Limit and enforce administrative permissions to prevent unauthorised access to sensitive company data. The levels of access granted can be based on individual roles and responsibilities in the company.
- Require the use of a Virtual Private Network (VPN) to secure Internet communications and keep sensitive data safe from interception.
- Ensure that antivirus software is installed on all linked devices and schedule regular software updates to ensure that applications are up-to-date and the latest security patches are installed.
- Implement password policies to ensure that users set strong passwords. Some standard password policies examples of password policies include:
- Passwords must be complex and contain lowercase and uppercase letters, numbers, and symbols
- Password length must be at least 10 characters with at least 5 unique characters
- A maximum password age of 30, 60 or 90 days
- Use different passwords for different accounts
- Enable a second factor of authentication (e.g. a token) whenever available
- Invest in endpoint security or mobile device management solutions to create an encrypted environment that prevents data leakage during incidents like loss of mobile devices and hacking.
- Invest in enterprise cloud storage services with audit logs.
Maintaining adequate cybersecurity hygiene within the company is an ongoing process, and implementing a good BYOD policy is a good first step towards developing a secure BYOD work environment.