As more employees begin utilizing smartphones in their personal lives, businesses are exploring “bring your own device” (BYOD) plans to serve their organizations. For years, businesses depended on the BlackBerry to ensure mobile data security; however, as personally owned iPhones, Androids, iPads and other tablets gain popularity, enterprises need to explore mobile security options to protect these employee-liable devices.
In the past, smartphones were primarily a business instrument that was occasionally used for personal tasks. When it was first released, not many individuals owned a BlackBerry. Now, the roles are reversed and everyone wants a personal smartphone or tablet that they can also use for business. Employees are no longer satisfied doing business on desktop computers or laptops but instead want to utilize their portable smartphones to do business whenever and wherever they chose.
A study conducted by Cisco of 600 IT and business executives reports that most companies are implementing BYOD. 95 percent of those surveyed indicated that they allow employee-owned devices in some aspect of the workplace. 84 percent provides some level of IT support with 36 percent offering full support for these employee-liable devices. According to the authors of the study, IT is accepting and even embracing BYOD as a reality.
Implementing a BYOD policy produces a cost saving for corporations as it allows the employee to assume the expense of purchasing their own mobile devices. This method also improves productivity as employees have access to their work anywhere, anytime. However, the cost savings and improved efficiency often do not offset the increased mobile security risks and opportunity for security breaches.
While some companies are embracing the new BYOD trend, others don’t think the risks outweigh the reward. Recently, IBM banned employees from using personal devices and services such as iPhones, Siri and Dropbox to view company data. Many mobile phones, cloud services and web apps were not created with security in mind and especially not with the robust, enterprise-level mobile security most businesses necessitate. These risky, consumer-focused applications could easily allow sensitive business information to leak out.
Security policies need to be revised to include mobile phones and devices. Most companies have not yet made this switch; however, developing policies to protect corporate data on personal devices is essential to the BYOD method. IT needs to consider all possible scenarios that could result in the loss of a device or a in a breach of company data.
Privacy is another essential consideration when implementing BYOD. With corporate-liable devices, policies could be put in place without considering privacy; however, BYOD requires the issue of privacy to be addressed. In the case of BYOD, the issue of privacy has very different meanings for both the employee and the organization. To an enterprise, mobile security means losing private business data such as sensitive emails; but to an employee, privacy is losing personal data such as contacts or photos. Both of these perspectives should be considered when creating these mobile policies.
Companies often don’t realize the risk they are taking by letting their employees access company data until it is too late. In the past, smartphones were strictly a business instrument. Now, every individual wants a smartphone or tablet that they can perform business and personal related tasks on. Business decision makers need to educate themselves and understand this role reversal as well as the security risks that accompany it so the proper mobile security policies will be enforced.
For more information, view the article The Risks and Benefits of Allowing Employee-Owned Devices by Joe Mont.
e-Cycle’s Mobile Phone Buyback, Recycling and Data Security Business Solutions
Businesses need to implement a policy that considers the company’s confidential data when the mobile devices have reached the end of their life. Sensitive company data can still be accessed after a mobile phone has been retired and partnering with a mobile buyback and recycling company that guarantees mobile data deletion will ensure confidential company data remains secure. e-Cycle helps organizations take a more responsible, secure and profitable approach to wireless mobile phone recycling. e-Cycle collects used mobile devices from businesses and organizations, reimbursing them for devices that retain value and recycling all others at no charge. The information on every phone is either deleted or destroyed using the industry’s most rigorous data security measures. Inc. ranked e-Cycle the #5 Fastest Growing Environmental Services Company in the U.S. and Forbes named e-Cycle the #68 Most Promising, Privately-Held Company in America. In January 2012, e-Cycle became the only mobile buyback and recycling company in the world to become e-Stewards certified. For more information, visit www.e-cycle.com.