However, Pokémon Go is just one of the many apps employees have downloaded to their personal and corporate devices that have the potential to put data at risk. Messaging service, WhatsApp, discovered a bug in their web extension that allowed hackers to remotely take control of a user’s computer, and two years ago Snapchat experienced a breach when a hacker published the personal credentials of 4.6 million U.S. Snapchat users. Pokémon Go is yet another reminder of the threat mobile devices can introduce to the workplace if an organization does not have the proper technology and policies to protect corporate apps and data.
According to the Canadian Radio-television and Telecommunications Commission (CRTC) two-thirds of Canadians own a smartphone and almost half own a tablet – so banning personal devices from the office or attempting to halt the blend of personal and corporate use of a device is becoming increasingly unrealistic. However, there are many benefits for organizations that allow a BYOD (bring your own device) environment, for example, employees have the freedom to choose their own device and can work and collaborate the way they prefer. Additionally, there can be significant cost savings for the organization if employees pay for some of the costs associated with the device. At the end of the day, embracing BYOD just makes sense.
So how can organizations adjust course to ensure corporate data remains secure while employees enjoy their devices?
Technology that both protects company apps and data but allows a user to work from any personal device comes in the form of Mobile Device Management (MDM) and Mobile Application Management (MAM).
For optimal security precautions, organizations should provide a corporate app that can be downloaded and used on the personal device to ensure employees can securely connect to company servers and information. Ideally, this app should be separate or containerized from the rest of the apps on the device. This means that even if an employee downloads a virus that seeks to extract private data, it is blocked from accessing corporate data through end-to-end security barriers designed into the app. Certain MAM solutions also allow for remote wipe, should any vulnerabilities appear or if the device is lost or stolen, corporate files and data can be removed from the phone remotely.
Organizations should also have a clear BYOD policy that is communicated to employees while simultaneously supported by the IT department.
The policy should outline what devices and apps are allowed or banned, information regarding security procedures including whether not IT requires antivirus or antimalware software on the device, what information can be stored on the device, information regarding stipend or cost sharing and servicing the device among other considerations. It’s also important to educate staff on easily avoidable, common security pitfalls like how to avoid weak passwords and sending/receiving information on public Wi-Fi networks.
A combined approach of technology, policy and education can help organizations make the most of a BYOD environment while employees enjoy the latest and greatest the app world has to offer.
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…