Subscribe

The downside of BYOD

By Lwavela Jongilanga, Portals journalist
Johannesburg, 16 Apr 2014
The main challenge to how BYOD causes wireless and WiFi threats is that users may not have adequate security on their personal devices, says Symantec's Fred Mitchell.
The main challenge to how BYOD causes wireless and WiFi threats is that users may not have adequate security on their personal devices, says Symantec's Fred Mitchell.

Mobility is essential in the business world as being able to communicate while on the move is no longer a 'nice to have' but rather a necessity.

So says Fred Mitchell, DCC's Symantec business unit manager, who points out that the introduction of laptops, smartphones and tablets has made mobility possible with bring your own device (BYOD) regarded as the next step in mobility.

Mitchell is of the view that although the BYOD phenomenon provides many advantages to the business user (and the business), it introduces a number of threats, particularly to the corporate network.

He argues that what is driving the BYOD trend among organisations is that people within organisations increasingly want to make use of their own devices for various reasons.

For example, he says, a company may standardise on a particular brand/device and the user may not want to use that particular brand. Furthermore, it is often inconvenient for users to have more than one tablet or smartphone as they find it easier to have one device that doubles for work and personal purposes.

He says for enterprises to ensure that their networks are secure with the advent of BYOD, they need to ensure that the right security, management and controls are in place. It is essential that when a user logs onto the network, these devices and the information on the devices is protected, Mitchell explains.

"Knowing how information is transferred and where it is transferred to is crucial. Policies must be in place and organisations need to ensure that these policies are enforced. Once the policies are in place and defined, the overall management of these devices becomes easier."

Symantec recently conducted a survey where it was established that 65% of surveyed companies give employees network access through their own devices. Some 80% of the applications these employees use are not based on-premise, but in the cloud. 52% regularly use not one, but three or more devices.

"This opens the door for security threats including device loss and theft, the loss of data, data leakage, malware as well as WiFi and wireless threats. Understanding each of the threats associated with BYOD will allow an organisation to implement the correct security protocols to ensure data protection, further ensuring organisation information is secure and does not fall into the wrong hands," he says.

Mitchell says the main challenge to how BYOD causes wireless and WiFi threats is that users may not have adequate security on their personal devices.

He notes that it is very easy to log onto a wireless network, especially if there is no security on the networks. "For example, many mobile workers make use of their notebooks while on the move. Making use of a smartphone or tablet is exactly the same. Therefore, the same security principles should apply to these mobile devices. The key to mobile device security is encryption," Mitchell urges.

According to Mitchell, mobility does not guarantee productivity as productivity depends on the person. "However, it does provide the workforce with the means and flexibility to work 'on the go'. This results in improved productivity."

He also points out that the apps employees make use of the most are dependent on whether the company specifies which apps users may use when connected to the corporate network, says Mitchell. "This type of policy item is essential though ensuring that users don't have carte blanche with regards to apps. A profile should be created per user which will determine what can be downloaded or accessed via the corporate network," he says.

He mentions that there are approximately 20 000 apps written per month which puts the potential threats into perspective. If the application has a weakness in it, it poses a threat to an organisation's security and it makes it easier for the app to be hacked. Sometimes apps are designed to introduce security threats or malicious intent into an organisation.

Share