November 25, 2015

How BYOD is Changing the Needs of Enterprise Security - And What Companies Can Do About It

By Jscrambler | 4 min read

byod_large

It seems like every time you turn around, another new fancy electronic device has hit the market. This, plus the rise in the “Bring Your Own Device” popularity, means that more and more employees are bringing their shiny new devices into the workplace.

While this may sound like a win-win arrangement, it’s not all good news. If these personally owned devices are lost, stolen or hacked, companies potentially stand to lose millions of dollars as a consequence.

Here’s a look at what BYOD is, what some of the pros and cons are, some tips that companies can utilize to minimize their risks if they do choose to adopt a BYOD policy and how Jscrambler is the right tool for the job.

What is BYOD?

The term Bring Your Own Devicerefers to the policy of permitting employees to bring personally owned mobile devices (laptops, tablets, and smart phones) to their workplace, and to use those devices to access privileged company information and applications.[1]

The Benefits: What Does BYOD Have to Offer?

Companies do have some compelling incentives to implement a BYOD policy. Associated payoffs of doing so include reduced spending on hardware and software, and more comfortable and more productive employees.

  • Cost Savings: Allowing employees to utilize their own devices shifts the hardware and software costs to the employee.
  • Boosted Employee Morale: Employees no longer need to carry, charge and care for multiple devices — they’re also frequently more comfortable using their own, self-chosen gadgets rather than IT department-supplied ones.
  • Increased Productivity: Another benefit to consider is that employees are frequently more comfortable with their own devices, which leads to better familiarity. In turn, this leads to more productivity.

The Dangers of BYOD: What to Watch Out For

The advantages of a BYOD policy are certainly convincing, but they’re not without their risks. Allowing employees to access critical company data opens up the possibility of costly repercussions if the devices are lost, stolen, hacked or otherwise infected with malware.

  • Risk of Loss: Theft or Hacking. Technology Practice Director of Xceed Group, Shaun Smith, says, “Security and the loss of devices with limited password protection is naturally a key concern. Increased consumerization in the workplace can bring with it an increased risk from threats such as hackers and viruses.[2]
  • Risk of Unwitting Employee Error: By far, the biggest risk that companies face, in terms of BYOD, is having no policy whatsoever. By not having any policy, there is no employee training and no set standard for what is or isn’t allowed.
  • Increased Cost to IT: The financial effects of BYOD can go either way. On the one hand, shifting the cost to the employee can, in fact, save a company money. On the other hand, though, it can just as easily be more expensive.

Allowing user-supplied devices also means that the IT department will have a much larger range of devices to integrate and manage within the company infrastructure, with each coming in different styles and varying operating systems.

What Can Companies do to Minimize Their Risk?

Ultimately, the decision of whether to implement a BYOD policy or not is your call. If you do decide to implement one, keep in mind:

  • Ensure due diligence is conducted to carefully weight the risks versus the rewards when deciding if a BYOD policy is right for you;
  • Take the time to plan: not having one means that BYOD will just happen, without control;
  • Security. A large majority of companies admit that mobile enterprise security is a huge challenge, so companies must seek out the proper technologies that will be used to manage and secure these user-supplied mobile devices. And they should also estimate the financial drain that this may put on the IT department.
  • Communicate your BYOD policy: Educating employees on the proper use and security measure that come with a BYOD policy is key in keeping your company data secure. Take the time to ensure employees understand the associated risks and what their role is in minimizing them.

What Jscrambler offers to Minimize The Risk?

Because employees bring their own devices to which you will never have access nor you will be in position to require third party security software to be installed on them, the best you can do is to provide your internal applications with self-defending capabilities.

Maybe you have already heard about Jscrambler Self-defending which you get out-of-box with Jscrambler since version 3.5.

Another option you should consider is to give applications the capability to defeat Man-in-the-Browser (MitB) attacks/fraud, bots, 0-day threats and APT (Advanced Persistent Threats) and Jscrambler can help you with that too. If you’re interested contact us and we can let you know more about solutions for that too.

In both cases no changes or setup need to be done on the end user device: protection can be delivered within the application as a part of it, with no additional requirements or application changes.

To conclude, if you decide to adopt BYOD – go for it. However, try to ensure that all of your applications take advantage of the state-of-the-art technologies that will protect your applications against current threats. Also, keep in mind the importance of defining some limits of use by creating rules of what can and can not be done.

References

  1. https://en.wikipedia.org/wiki/Bring_your_own_device
  2. http://www.techradar.com/us/news/computing/what-is-byod-and-why-is-it-important–1175088

Book a Jscrambler Demo

Author
JscramblerThe leader in client-side Web security. With Jscrambler, JavaScript applications become self-defensive and capable of detecting and blocking client-side attacks like Magecart.
View All Posts

Subscribe to our weekly newsletter

Learn more about new security threats and technologies.

I agree to receive these emails and accept the Privacy Policy.