Certainly, there are some excellent tools emerging to support security in the BYOD era, but like with anything in IT, the tools have to be used effectively. For many organisations, this means a notable rethink in security strategy. One of the biggest challenges for IT leaders currently is how to allow sufficient freedom to capitalise on the opportunity that BYOD brings, while still safeguarding information systems.
This shift occurs at a time that risks are changing. The image of online threats as individual youngsters, who spend too much time on their computer and not enough outdoors, is outdated. Sure, those threats are still out there, but today’s cyber baddies come more in the form of organised crime. Many of our customers are wisely opting to schedule regular independent security audits that include an examination of where they can firm up their defences. That is essential good practice in the BYOD era.
- Can we remotely wipe data from a missing device, when that device does not belong to us but some of the data does? The answer may seem simple until you consider that the employee may have photographs of their newborn child, or their recent holiday, on their phone.
- Can we separate an employee’s personal data from company information? And what is our responsibility if their own personal data is backed up on our systems?
- Who has ultimate responsibility if the device contracts a virus?
- How do we prevent unauthorised people (spouses, house-mates, families) from accessing corporate information on a device?
- Do we need to change employee agreements to accommodate their BYOD responsibilities?