Employees are using mobile devices and cloud services to perform everyday business processes, and many of them are using their own phones. As many as 74 percent of private sector employers allow employees to access company systems using their personal phones, computers and tablets. Bring Your Own Device (BYOD) in the workplace has brought many benefits for businesses, including increased productivity, greater employee flexibility and engagement, and cost savings.
At the same time, however, it has raised a number of security issues. In fact, security is typically the biggest concern for businesses when it comes to enterprise mobility solutions and policies, according to Tech.Co.
Organizations often struggle to balance user privacy and security measures that properly secure sensitive data and infrastructure. In contrast to the typical computer, for which security is tightly controlled by IT policies and procedures, mobile phones have both personal and professional uses, limiting the security measures an organization can put in place.
BYOD policies are increasingly seen as infringing on user privacy, author Elena Kvochko wrote in Forbes. The vast majority of Americans who use smartphones for work say they are expected to read emails after work hours, and companies need consent to access personal devices to monitor the use of apps and install security software. As many as one-third of BYOD policies seek to access and control users’ personal applications, information and social connections, according to Gartner.
Attacks against mobile devices also are getting more sophisticated. As they do, many enterprises are no longer relying solely on standard device management platforms for security, according to Tech Republic. Instead, they are blending traditional enterprise mobility management (EMM) and mobile device management (MDM) systems with mobile application management (MAM) systems to create a comprehensive threat management platform.
Lastly, loss or theft of a mobile device can threaten the security of the enterprise. Regulated data may be breached when an unencrypted device is lost.
Does your organization have a comprehensive mobile device policy?