By Greg Keller Posted May 11, 2015
Gartner predicts that almost half of employers will require their organizations to become BYOD compliant by 2017.
BYOD, or “Bring Your Own Device,” is the idea that employees bring in personal computers or mobile devices for their work computer, rather than have a company issued device assigned to them.
The 411 on BYOD
Part of the reason for Bring Your Own Device’s increase in popularity is that companies stand to save a significant amount of capital without having to buy each worker a machine to work on. A new Macbook runs at roughly $1,300. If a 100-person company were to issue each employee one MacBook, they’re looking at a $130,000 bill. And that doesn’t take into account maintenance, management, upgrades, or software on each of those devices.
Additionally, employers like Bring Your Own Device workplaces because they provide employees with flexibility in where they can work and what they work on. Whether on the road, or working remotely, laptops, tablets, and mobile phones make it easy for employees to work remotely or on the road, without having the interruption of “not having a certain program” or file.
Unfortunately, only about 40% of organizations have a BYOD policy in place. This means, the majority of companies are allowing personal devices to serve as the company workstation, but aren’t educating their employees on security steps to keep those devices safe from hackers. In essence, employees are free to run amok, with sensitive company data at the whim.
BYOD more Danger than it’s Worth?
Indeed, the gap between device use and BYOD policies is both staggering and frightening.
Employees were found responsible for 71% of the 654 leaks of confidential information in the first half of 2014—and undoubtedly BYOD is a contributing factor in that percentage.
The fact that organizations are beginning to require BYOD workplaces would seem to necessitate more robust internal BYOD policies. Yet—frankly—why aren’t more robust BYOD policies being made? This is a recipe for IT disaster.
In an article about why BYOD won’t work for companies, Steve Ranger underscores the of issue corporate risk as it relates BYOD cultures.
“IT organizations will need to set strict and enforceable guidelines for staff, and that means staff have to be vigilant about security, whether they (or their family) are using their device for work or pleasure,” Ranger says.
It’s not just enterprise data that is put in danger in BYOD situations. Personal information held on an employee’s personal computer is equally made vulnerable.
“Enterprise IT chiefs have to be careful to protect corporate data (by doing a remote wipe when someone leaves the organization) without running the risk of compromising the individual’s data too (by wiping all their holiday photos at the same time),” Ranger says.
There Is a Solution
But with all the worry and concern over BYOD, there are ways to mitigate the inherent risk, and keep both personal and enterprise data safe.
In our eBook, Doing More Faster: Now with IT Control, we provide simple actionable steps for business owners to make to dramatically improve their security position.
Check out the eBook to learn what changes you can make to your business today, or schedule a demo with the guys who are creating SaaS apps to directly solve this problem as a service.
(This post is authored by Alan Shimel, Editor-in-chief of DevOps.com, a regular contributor to Network World and Chief Executive Officer at The CISO Group. You can read his blog here, and find him on twitter here.)