The Other Side Of BYOD: Are You Prepared For The Face-Off?


Everybody is bringing their own device at work. BYOD has now become more than a concept and devices ranging from smartphones, tablets, laptops or other personal devices, are being used for both business and personal work. While benefits of BYOD are manifold, such as convenience, improved productivity and the potential for cost savings; this also poses a huge risk to the business.

Undeniably, BYOD plays a major role in employee satisfaction and productivity, but the question is – would you want to achieve it by keeping your business at risk? The answer is – No. Business risk shoots up drastically when personal and business applications amalgamate, especially, if personal apps have high susceptibilities of cybercriminals using the business information out of that device, or to inset a malware that will then make the device a channel for tainting the backend network systems.

As per a recent survey report by Google’s Our Mobile Planet,the average mobile user downloads 25 apps on their smartphone, each with their own set of permissions and rights to their device. Mostly, these apps are used by users for pleasurable acts like gaming, travel, shopping, and much more –all through their personal mobile providers. The chilling fact here is that, once the device is connected to your network through the corporate VPN, all that movement will reach out and touch your network data. To understand the magnitude of the risk, we can just multiply those 25-32 apps by the number of users in the organization who use their personal devices at workplace. Not just this, it also stances risk on both personal and business traffic on network bandwidth.

Over the years, many organizations have tried looking into this menace seriously by bringing multiple policies to gain more control on the BYOD security but nothing seems to have worked out for them. Though organizations introduce guidelines for securing the corporate data such as mandatory encryption, along with endpoint integrity checking, and auditing of mobile devices, etc., industry surveys reveal that these policies are usually not enforced strictly by these companies.

Another strategy to get rid of security threats is by blacklisting certain personal apps, so that when those apps are used, organization will immediately detect and request the employee to de-install it from the device before it touches the corporate data. But the challenge here is that this kind of tactic does not serve the purpose because the employee might find an alternative to keep that app in the device.

There seems to be a big rift between the IT and users when it comes to BYOD security. Whilst BYOD has gained huge popularity across enterprises, security still holds minimum priority for the users, who resist the idea of mobile device managementagents or security controls being placed on their devices to protect privacy of personal data and apps.

All these state of affairs puts the IT team into a spot where they have to rethink how they want to support mobile access. Erstwhile, keeping the mobile device access to corporate data and resources safe alongside respecting one’s personal data privacy created many complexities. It needed a complex mix of proprietary mobile applications, custom application development, and multi-box solutions from multiple vendors.

To combat growing security threats, there are few steps that CIO’s and IT teams can follow:

- It is imperative for organizations to make sure that per-app VPN technology will support any mobile app of your choosing without development or customization

- Understanding the right backend resource that companies would want users to access, whether web apps, client/server apps, file shares or virtual desktops and look for VPN technology that can support access to all required workloads is of extreme importance

- Infecting a mobile app is one of the easiest ways for hackers to gain access. Therefore, along with mapping the apps that you will allow to access the network, you can also ensure that those apps are absolutely safe and are not compromised

The adoption rate of BYOD has witnessed a major spike over the years. This means, that IT can no longer keep the security aspect aside. Per-app VPN technology combined with strong security policies is certainly being looked at as a perfect way to put an end to this menace and organizations across sectors should enforce it as early as possible.