Bring Your Own Device (BYOD): How to Reduce the Risks
With the rise of businesses utilising the BYOD policy and allowing employees to use their personal laptops or smart phones to access company documents, it has become extremely difficult for employers to ensure the security and confidentiality of their intellectual property. So how can you protect your business?
The BYOD practice has been adopted into more and more businesses as they have realised the benefits of offering flexible working solutions to their workforce alongside saving costs on company equipment, giving employees a sense of ownership and boosting employee engagement.
“77% of Australian CIO’s allow their employees to access corporate data on their personal devices.” – roberthalf.com
However, there are also issues to be considered. BYOD increases the risk of information falling into the wrong hands meaning companies need to be more vigilant if they want to avoid damaging their reputation and opening themselves up to hefty fines from breaching any of Australia’s data protection laws.
A study conducted by the Ponemon Institute highlighted that over the previous 2 years, data loss cases in companies has increased globally by 23%, averaging $3.8 million per security breach.
How do companies protect their intellectual property?
Luckily there are ways to protect your business, with options to secure documents online using password protection, access protection and encrypting files to restrict unauthorised access.
However, there needs to be more emphasis made towards BYOD issues than just tech security.
With 34% of Australian business owners believing that a lack of employee knowledge or skills around data security will be the most significant security risk to their business over the next 5 years, it’s important to implement the following steps to further minimize the damage:
Step 1: Resources
Make sure you have skilled IT and HR workers on board to support you, either in-house or outsourced, that can offer expert advice and have the ability to act fast when there is a breach, decreasing any risks.
Step 2: Policy and Procedure
Every business should have an IT policy in place if employees are regularly using computers, email, internet and corporate software.
Stipulations of what measures will be taken should a breach take place and who would be held accountable need to be made extremely clear.
Step 3: BYOD Training & Awareness
Employees need to be made aware of the company requirements such as:
- • The benefits and dangers of BYOD.
- • What software will be installed on personal devices and addressing what operating systems and applications support the software.
- • Details of expense reimbursements, if applicable.
- • Security procedures for passwords, public Wi-Fi connections, device loss or theft.
- • Responsibilities of device users.
- • Training to use corporate resources including VPN, corporate email and CRM system.
- • Who to contact for tech support.
- • How to uninstall software and steps to take when leaving the company.
If you need assistance implementing HR policies or procedures, please don’t hesitate to get in touch with Human Resource Services on 0755301571.
