Enemy in Your Pocket: Pros and Cons of Using Personal Devices in the Office

One of the latest tech trends to sweep through workplaces large and small is 'bring your own device' or BYOD policies. These are popular for a number of reasons. Empowering employees to work how they want over the devices they want is good for morale; it's far less expensive than buying new technologies for every new employee; and it ensures that workers have the tools they need whether they are in the office or at home, which is especially helpful for traveling or remote employees.

Then again, there are some downsides to BYOD that you need to understand. Below are a few of the problems BYOD introduces to your business environment and what you can do to prevent a cyberattack. In the unfortunate event of data breach, a cybersecurity policy from CyberPolicy can safeguard your organization from the crippling financial damages a data breach can cause.

It's All About Risk Management
It's no secret that bringing personal devices into the office opens a world of security risks. It could be as simple as leaving your laptop or smart phone at the coffee shop, only to have it be picked up by a nefarious actor; or arriving to work with a bogus app downloaded to your tablet that spreads to the company network.

Public Wi-Fi is another vulnerability of the BYOD and 'work from anywhere' models. That's because crafty cyber crooks can see information sent and received by your computer or mobile device. To make matters worse, man in the middle attacks are phony Wi-Fi hotspots made to look like legitimate free Wi-Fi networks. One click, and everything you do online can be seen by the hacker. In fact, cybersecurity policy experts recommend that you avoid using corporate email, online banking or even engaging in ecommerce purchases while on free public Wi-Fi.

And therein lies the problem. BYOD policies offer very limited visibility to IT departments, the very teams designed to defend us from digital incursion.

Of course, no one is going to put the genie back in the bottle. BYOD is simply too important to workers and too valuable to employers to turn back now. Instead, businesses would be smart to implement a few cybersecurity policies to block cyberattacks before they happen and minimize the risk if they do. Here are a few examples to get you started:

  • Host regular cybersecurity training sessions. Research shows that the majority of data breaches are caused by employee negligence. Give workers the tools they need to make smarter decisions online.
  • Embrace a corporate firewall. This will insulate your internal communications and data transfers from prying eyes.
  • Require VPN access for remote employees. A firewall can only guard devices inside your network, so advise your employees to use a virtual private network or VPN when working remotely.
  • Give IT teams great oversight of personal devices. Assure your employees that tracking their personal messages or browsing history is not your intention. Rather it's a way to stymie malware or Trojan programs from infecting their coworkers and clients.
  • Reduce or reveal shadow IT. Shadow IT are unapproved programs used by employees for professional purposes. Since IT cannot see these programs, they will have a hard time detecting data breach or cyberattack. If you can't eliminate shadow IT in your office, at least urge employees to disclose their programs to IT.
  • Keep your programs up to date. Outdated software and add-ons often contain easily exploitable security gaps. Stay safe by enabling automatic updates.
  • Follow stronger password protocol. Weak sign-in credentials are a primary entry point for hackers and criminals. Remember to use unique and robust passphrases for each device and online account.
  • Implement two-factor authentication. Add an extra layer of security to your life with 2FA. This typically requires a secondary device, like a smart phone or biometric scanners (something a hacker would not have access to), to open your account.
  • Develop a response plan. Hacking happens, so prepare yourself now. In the event of an attack, determine quarantine procedures, the chain of command and who to contact, including law enforcement, business insurance providers and cyber policy holders.
  •  

Follow these steps all you'll greatly reduce your chances of becoming a victim of a cybercrime. Visit CyberPolicy to get your free quote today!

© 2016-2020 CyberPolicy, Inc. All rights reserved. CyberPolicy®, "Plan. Prevent. Insure."™, and "CyberCheckup"™ are trademarks of CyberPolicy, Inc.
DBA: CyberPolicy Insurance Solutions CA License No. 0L13180
DBA: CoverHound Insurance Solutions CA License No. 0H52375