Pages

Thursday, April 18, 2013

Widgets

Widgets

Top 6 BYOD Risks

In my last post I discussed the top Benefits of BYOD and ended with the promise to discuss the main risks or concerns associated with BYOD.  Before I do; it is important to understand that new technologies such as the enterprise cloud, cloud-based apps, social media, and high-powered mobile devices offer more ways to access corporate data.


1. Data Management, segregation for compliance reasons
Many financial regulators or auditors require certain sensitive data to be adequately protected and stored with documented evidence to prove. With Cloud and Mobility this can prove a challenging equation. Key Challenge will remain the assurance and evidence although IT/Security Departments should be provided with a clear guideline on data management policies or devices (3rd party included) on which data is stored



2. (Unknown) 3rd Party Access via Mobile Apps
When employees download and install their personal apps on their personal device, they allow unregulated third-party access to other sensitive, corporate information stored on their devices. Additionally Wi-Fi Access points could potentially access corporate data. 

3. Data Tracking (Nightmare)
The ability to track and manage corporate data has become more difficult with the adoption of new technologies like Cloud and Mobile Storage Services in the Enterprise. Organization are often not equipped to track data effectively and need to rely on 3rd party providers and rely on employees to follow the guidelines.

4. Lost or Stolen Devices:
A simple truth is that PC's or even Laptops do not go missing that easily as a smartphone or tablet, due to the sheer size. The risk is in the fact that Mobile Devices in general are either not password protected or lack a robust protection. An additional factor of risk is corporate espionage via deliberate targeting of device. 




5. Employees leaving 
Employees leaving a company "forget" to inform HR of their own device containing corporate information. Unhappy employees can leak information to competitors. 
Most of this can be mitigated fairly easy by reminding HR teams and employees that any corporate data either stored on mobile devices or cloud service remains owned by the company. Termination or Exit Policies are almost in all companies common practice

6. Additional Cost instead of Savings
Many CEO's view BYOD Policy as an easy cost-saver, however to manage and monitor points 1,2,3 and 5 (point 4 is ambiguous) new IT policies, hardware and employees need to brought into place which is likely to be more costly as the graph indicates. 
The picture here is not as black and white though as the graphs below will demonstrate


After spending a lot of time on BYOD researching it I am still not sure whether the benefits  (at this time) outweigh the risks involved. I can see the immense potential and benefits for both employers and employees but am still uncomfortable with the complexity and possible security and policy gaps. 





No comments:

Post a Comment