Rhino Security Labs


Bring Your Own Device (BYOD) Policies and their Security Implications

What is BYOD?

Industry leaders around the globe are always looking for new ways to increase productivity and innovation within their companies. Because new technology reaches the market daily, it can be difficult for an organization to stay current with new devices. These needs have brought bring your own device (BYOD) policies to many companies throughout the world. However, the lack of monitoring and control over these personal devices has made BYOD security an overnight concern.

According to Gartner Inc., a leading information technology research company, “the rise of [BYOD] programs is the single most radical shift in the economics of client computing for business since PCs invaded the workplace.” Regardless of whether you want to allow personal devices in the workplace, every company needs a BYOD policy and must make a decision on the issue.

A Microsoft study reported that 67% of people currently use personal devices at work, while only 42% of companies surveyed by Moka5 have BYOD policies in effect. This contrast highlights the security risks associated with personal devices in the workplace. Since a company can choose so many different routes of implementation, it is imperative that a security plan is in effect whether personal devices are allowed or not.

Convenience of BYOD vs Security

Convenience of any kind has always come at a price. An employee’s personal device could be used in a myriad of ways to access both sensitive and perilous networks and services. Because of these risks, some organizations issue devices specifically for unfiltered internet use, an approach termed inverse BYOD. Other organizations provide guest hotspots specifically for the personal devices that employees want to bring onto the network.

BYOD policies have resulted in severe data breaches in the past, and if a company does not have appropriate security policies in place, its information security could be in danger. If an employee uses a smartphone to access company resources and then loses that phone, anyone could retrieve any unsecured data.

Personal devices may also increase insider threats. With BYOD policies allowing employee devices in the workplace, the possibility of employees leaving the company with sensitive data is significantly increased. These are just a few of the possible scenarios in which BYOD and personal devices could weaken your data security.

To ensure these personal devices are secured, companies need to track the configuration of the devices in use and ensure basic security precautions are taken on all of them. For instance, all devices should use a lock screen, networks should never allow rooted or jailbroken devices, and all mobile applications should be kept up to date. Organizations should also use mobile auditing tools that report on the configuration of mobile devices and ensure they’re being used properly.
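The baseline checks above can be applied automatically to whatever an auditing tool reports. The following is an added example, not code from the original article: the report fields, the sample devices and the choice to send non-compliant (but not rooted) devices to a guest network are all assumptions made for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class DeviceReport:
    # Hypothetical fields; a real mobile auditing tool has its own schema.
    owner: str
    lock_screen: bool
    rooted_or_jailbroken: bool
    # app name -> (installed version, latest known version)
    apps: dict = field(default_factory=dict)


def parse_version(text):
    # Compare versions numerically so that "4.10" sorts after "4.9".
    return tuple(int(part) for part in text.split("."))


def evaluate(report):
    """Return (decision, findings); decision is 'allow', 'guest' or 'deny'."""
    findings = []
    if report.rooted_or_jailbroken:
        findings.append("device is rooted or jailbroken")
    if not report.lock_screen:
        findings.append("no lock screen configured")
    for name, (installed, latest) in sorted(report.apps.items()):
        if parse_version(installed) < parse_version(latest):
            findings.append(f"{name} {installed} is behind {latest}")
    if report.rooted_or_jailbroken:
        return "deny", findings   # never allowed on the network
    if findings:
        return "guest", findings  # assumed policy: guest hotspot until fixed
    return "allow", findings


def audit(reports):
    return {r.owner: evaluate(r) for r in reports}


# Constructed sample reports, not real audit data.
SAMPLE_REPORTS = [
    DeviceReport("alice", True, False, {"mail": ("4.2.1", "4.2.1")}),
    DeviceReport("bob", False, False, {"mail": ("4.1.9", "4.2.1")}),
    DeviceReport("carol", True, True, {"mail": ("4.2.1", "4.2.1")}),
]

if __name__ == "__main__":
    for owner, (decision, findings) in audit(SAMPLE_REPORTS).items():
        print(owner, decision, "; ".join(findings) or "compliant")
```

Returning the findings alongside the decision gives the help desk something concrete to tell the device owner.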


BYOD is here to stay

Since keeping a company’s data secure is always a number one priority, an IT department must plan for problems. Bring your own device policies reduce risk, but don’t eliminate it entirely. Be sure to have a plan in case a data breach occurs, and ensure that users know who to contact in case of an issue. Perform regular audits and revisit procedures often with employees, ensuring everyone is aware of the policies in place.

With these procedures and guidelines, BYOD and handling the security of personal devices in the workplace should no longer be a daunting task. Simply by requiring special processes for those devices (and having the technology to enforce those processes), the company can allow employees to bring their own devices while still enforcing security best practices.