IT
The shift from company owned devices to employees bringing their own is having a massive impact on security.
Bring your own device (BYOD) is one of the most complex developments for financial services companies because it introduces huge security risks.
By 2017, one in two companies will no longer provide devices to their employees according to Gartner. Therefore the onus is on the organisation to implement policies and procedures to help employees keep their devices secure.
BYOD, also known as workforce mobility, provides great flexibility and increases productivity, but it has a significant impact on financial services companies as personal devices and any inherent malware can now interface with corporate data.
So here’s what you can do….
Organisations need to identify which applications employees are using to interact with corporate data so the first thing to do is carry out an audit of the entire IT environment. This will determine whether the infrastructure can cope with workforce mobility.
These additional steps will enable safe workforce mobility:
1. Implement acceptable use policies and procedures that clearly communicate the boundaries and what happens if these are violated.
Mobile phones and tablets are the weakest link when it comes to security and are prone to attacks. They also require regular patch updates, for which the responsibility lies with the employee.
2. Go one step further and implement endpoint protection.
Keep your Windows network safe with a single endpoint agent which provides antivirus, web protection and device control. This method will take the onus from the user and prevent malware and data loss, with no complicated network setups.
3. To prevent the spread of viruses, ensure that a gatekeeper such as a VPN is installed. This grants access to the remote device by verifying that the data being transferred from the device to the IT network is encrypted and permitted.
According to a study conducted by HP, 97% of employee’s devices contained privacy issues and 75% lacked adequate data encryption. This creates serious security holes that can be exploited by hackers.
4. To prevent mixing personal and business data, invest in Enterprise Mobility Management (EMM) software to monitor and detect risks.
One of the biggest threats to mobile devices is malware that is installed unknowingly. This means that malware could find its way onto your network. Keyboard logging is another technique hackers use to record login and password credentials. An effective way to overcome this is to implement one-time passwords so that users have temporary passwords each time they log in.
5. Implement remote wiping capabilities so that IT Managers have the power to wipe the device as soon as possible without having to ask for the user’s permission. This will give the IT department greater control when a device goes missing.
Over half of security breaches occur when devices are stolen, so it’s paramount that companies implement encryption tactics to ensure that the device is secure against threats.
Although BYOD poses significant security risks, if managed properly, a BYOD program can reduce costs and increase productivity without hindering security. Educating employees on how to protect their devices and confirming they are configured in line with security policies ensures that even the basic security precautions are adopted.
By Siobhan Cusack, Account Director at Trilogy Technologies.