Organizations across the globe are ditching corporate-owned mobile devices and adopting a BYOD ownership model at an astounding rate. 60% of employees already use their personal devices at work or for work, and this number is expected to continue to rise in 2020. The benefits of bring-your-own-device are multifold: flexibility for the employee, decreased mobility costs for the employer, and increased productivity for the organization as a whole. What’s not to love?
Unfortunately, BYOD also often brings with it major cybersecurity concerns that most organizations are not well-equipped to handle. The Verizon 2019 Data Breach Investigation Report found that 80% of breaches stem from stolen or weak credentials on employee phones and laptops. Are you walking into a minefield by adopting BYOD? In this blog, we walk you through the steps you should be taking to protect your organization whilst respecting your employees’ data privacy.
It only takes one misinformed employee to compromise your network. While you might assume your employees know how to protect themselves from common cybersecurity threats, the reality is that the majority of them don’t. According to a recent survey, only 37% of employees are able to correctly define “ransomware”. As a result, training should be a top priority at your organization, even if you have yet to adopt BYOD. Teach your employees why they shouldn’t be using public WiFi networks when accessing corporate data, and what to look out for to spot a phishing scheme.
One training per employee isn’t going to cut it, either. Make sure you are holding consistent training sessions (at least once a year) to keep up with changing cybersecurity trends and policies. Your IT and non-IT departments should be in constant contact to ensure all employees are aligned on BYOD security best practices.
How is your organization currently managing devices and device security? If you’re not utilizing mobile device management (MDM) software to enforce compliance policies, you should be. MDM (otherwise known as unified endpoint management or UEM) belongs to the “security” phase of the device lifecycle and can be described as the process of monitoring, managing, and securing employees' devices across multiple service providers and operating systems. This includes deciding which applications can be installed on employee devices, how devices can be located, and securing them when they are lost or stolen. Depending on the solution your organization chooses, MDM can also include device security capabilities such as remote IT access, location tracking, and data wiping. Remote management is perhaps one of the most obvious advantages of MDM, because it allows your IT staff to quickly disable unauthorized users or applications and delete confidential information from any device.
Invest in a best-in-class solution to monitor employee devices across multiple service providers and operating systems. This software will help with employee onboarding and offboarding as well, giving your hard-working IT and HR departments a much-needed break. Integrate MDM within your broader digital ecosystem to maintain full visibility into corporate data as employees join and leave the organization to prevent any breaches.
In addition to MDM, your organization should also be investing in mobile application management software to separate business and personal data as much as possible. Many organizations conflate or mistake MAM and MDM software, believing they only need one of the two to properly secure corporate devices. MAM refers to the process of provisioning and controlling access to mobile applications, which goes one step beyond the device-level security achieved through MDM.
MAM is important from a cybersecurity standpoint, but also from an employee privacy standpoint. Your employees’ phones likely contain business applications such as SalesForce, as well as recreational applications such as Messenger, which creates the opportunity for data leaks and malware. While business applications should absolutely be tracked and monitored in order to protect confidential information, private employee data on mobile devices, such as conversations with family members, should be free from corporate interference. MAM lets organizations pre-configure basic settings, permissions, and restrictions on corporate apps, reducing the need for human intervention. The software then “wraps” your employees’ applications in a layer of code that enables your team to monitor and govern the data within them remotely, keeping a safe distance from personal data.
Unfortunately, MDM and MAM simply aren’t enough to keep you secure (particularly if your enterprise is operating under a hybrid mobility model). Work with an MMS provider that can provide complete visibility into your mobility ecosystem and can integrate with your security management software to track devices across business units. It’s always best to opt for an MMS partner that takes a data-first approach to mobility management in order to ensure all of your different mobile data sources “talk” to each other and there aren’t any “blind spots” at your organization.
* * *
Now that you understand the importance of securing devices across your mobility ecosystem, it’s time to evaluate your current systems and infrastructure. Request a consultation with the Sakon team to better understand your mobility needs and discuss areas of optimization.