It is no surprise that one in two British workers will be using their own devices in the workplace by 2020 1. It is actually surprising that it will take this long. If you think your workforce isn't using BYOD (bring-your-own-device) already, try asking the following questions. Do they ever take weekend work calls on their own smartphone? Does anyone open work documents sent to personal emails on their home laptop or access webmail on a personal tablet?
Answer yes to any of these questions, and your workforce has embraced BYOD without you even knowing it.
In businesses where BYOD isn't openly discussed, actively encouraged or banned, there is simply no way of knowing the actual or potential impact this phenomena could have on your business. Whether a small start up or multi-national it is not outrageous to suggest that your company is a BYOD adopter - you might just not know it.
Where the real danger lies is in this BYOD blindness. Mobile devices are facing unprecedented levels, and varieties of attack. Our latest mobile threat report showed that Android is a hot target for malware, with 79 per cent of all mobile threats attacking the world's most popular OS.
With nearly 75 per cent of smart devices worldwide relying on Android2, the smartphone in your employees' hands could, without the right security measures, be a ticking time bomb. This same report showed the first highly targeted Android attacks. On this occasion the victim was a human right's activist, and the malware was capable of accessing contacts, GPS, call logs and SMS messages.
This scenario may seem otherworldly to the average small business. However it demonstrates the increasing sophistication of malware applications designed to harvest sensitive details. How would your customers feel if an unsecured device led to their contact details being shared with criminals, or a sensitive deal was unveiled before your investors were ready to go public?
The government is well aware of these risks, hence increased focus on data regulation. Any company that deals with personal details cannot ignore these regulations without risking severe financial and reputational damage.
Last year, the UK government paid out a whopping £2 million in data breach fines. The ICO is hot on the tails of companies who fail to protect their data. From 2012 - 2013 they issued double the number of data breach fines than the previous 12 months.3
Once you have come to terms with the fact that you may be blinkered to the extent of your own BYOD deployment, the next step is to tackle the problem head on. Where to start?
Firstly take a stand. Evaluate the risk to your business of a BYOD breach. Whether malware attack, a lost or stolen device or deliberate hacking, decide whether the data at risk is so sensitive that you have to out and out ban work activity on personally owned devices. It may not be popular and may be hard to police, but is a stand that some sectors have already taken. Just look at the banking sector.
Regardless of whether you choose to allow BYOD or only company-owned devices, it's imperative to have at least the basics of mobile security installed and up to date. This includes anti-virus and lock and wipe solutions but can encompass further, far-reaching device management options too.
Secondly, educate. Whatever stand you take, make sure your employees know what is, and isn't acceptable and the potential consequences of breaching this policy. Create a policy document and stick to it.
BYOD isn't a trend, or just another buzzword. It's here to stay and it is already making an impact on your business, whether or not you know it.
3. [http://www.itpro.co.uk/data-protection/19690/ico-foi-response-reveals-massive-rise-data-breach-fines#ixzz2ToyJSLeM]↩Suggest a correction