Employees expect to use their mobile devices at work, and employers often don't mind because of the cost savings. However, the use of personal smartphones and other mobile devices at the office creates problems for IT managers.
A business with 100 "bring your own device" users might have an additional 300 phones, tablets and laptops to contend with. There are a lot of potential leaks there.
While a company's IT department might have a solid grasp on company-issued laptops, desktops and mobile phones, it is almost impossible to control the various types of personal devices on the company's network.
When an employee gets that new, shiny personal device and installs various apps, then plugs it into a work desktop to update or sync settings, files and folders, they're putting all the data in the company at risk. Further, the IT guy has to worry about whether the last app somebody downloaded might infect the entire network.
A recent survey conducted by GFI Software doesn't paint a pretty picture. It showed just how much employees companies' data at risk when they use public WiFi while commuting back and forth to work:
The research findings reveal a stark and concerning trend among commuters — one of using their personal devices to catch up on work during their commuting downtime, but doing so over highly insecure Internet connections that can be easily intercepted by other users or the operator of the access point.
Mobile Internet access is now firmly entrenched as a day-to-day norm, but with that has come an increasingly relaxed user attitude to data security, compliance and data governance policy.
Companies need to address mobile device management to ensure that use in insecure environments doesn't create vulnerabilities that could be exploited by criminals — both cyber and conventional.
Companies should have policies that explicitly spell out what employees can and can't do on their devices — if they are allowed on the network at all.
But if employers really want to prevent data leakage, then enterprise-level software must be installed on each device that allows IT to lock, locate and wipe data, along with the ability to restrict the device's access to certain activities.
In addition, equipping each device with a virtual private network is an effective way to protect WiFi communications via encryption when a device is used with unencrypted public WiFi.
Robert Siciliano is an identity theft expert to Hotspot Shield VPN, and the author of "99 Things You Wish You Knew Before Your Identity Was Stolen." For his free e-book, text SECURE your@emailaddress to 411247.
Read more about security.
/ Robert Siciliano is CEO of IDTheftSecurity.com. He is a nationally known speaker on the subject of identity theft.