Bring Your Own Devices – BYOD Challenges

Bring your Own Devices or Bring Your Organisation Down?

BYOD Statistics

Secure corporate infrastructure: Ensure mobile devices are sanitised!

A significantly large number of employees have started bringing their devices to work, akin to chefs using their own knives.  Organisations should get their security policy in place before the proliferation of these devices pose a significant risk to the organisation.

As an example, IBM provides Blackberrys for about 40,000 of its 400,000 workers while 80,000 more use their own smartphones or tablets to access IBM networks. Soon IBM realised that it did not have a grasp on which services and apps employees were using on their phones.

BYOD support will put a tremendous amount of strain on an IT support department according to a CISCO Systems study, BYOD will bring multiple devices with different apps; and organisations have to ensure quality of service for organisational apps.

  1. Devise a BYOD policy that dove-tails with your current policy, by involving managers from all departments. Has your legal department evaluated the privacy legal risks?
  2. Build a comprehensive AUA (Acceptable Use Agreement). Will users devices be seized if there is a legal dispute?
  3. Are the devices in use wipe selective? Keep the separation between corporate and mobile data.
  4. Work out a simple and secure enrollment strategy, and allow users to configure their devices seamlessly.
  5. Monitor the devices, ensure that jailbroken devices do not hold corporate data. What is the maximum exposure time that has been factored in, say, between discovery of the loss of the mobile device and closure of access?

Many banish the BYOD challenges as myths and say it’s relatively simple, I personally do not think so. Policy development, implementation, sourcing of the right MDM tool, negotiation, vendor selection, deployment, awareness all take considerable time. Organisations are just getting to grips on PC/Server hardening and Endpoint protection, and now have to deal with the BYOD challenge.

Who is paying for the mobile data charges? As long as you are on the company WiFi that’s great! But, what about if you are mobile? With ShadowIT and the rise of the underground IT, workers are using more of their own devices, applications and facilties to do the work that their employers need them to do.

Further Reading

Ken Hess on the significant BYOD flaw discovery

James Kendrick thinks that BYOD will cause burnout, putting workers on emails even during vacation.

10 BYOD MDM suites that you can select from

BYOD drives IT underground

IBM stung by BYOD pitfalls

BYOD: The downside is beginning to show

10 Myths of BYOD in the enterprise

Legal Implications of BYOD

Defending cyberspace – The next frontier

Defending cyberspace-the next frontier

Defending cyberspace-the next frontier

Picture this, you have all the locks fitted on your front door, but your next door neighbour (sharing a common wall) has almost non-existent security. Could a burglar get to your stuff?

In today’s world, we are all connected in cyberspace, just like the next door neighbour and just not through a common wall. Bluetooth, Wi-Fi or maybe a wired connection can all be an open access not only to our data but to others as well. What if we used our insecure smartphone to access corporate data, while someone sitting a few feet away then piggybacked on our device and accessed the data?

So now not only have we exposed our data but at the same time created an easy access. What if the latest app that we downloaded for free was not an innocuous app but in reality a trojan that will transform our device into a spy phone for other foreign powers? While BYOD (Bring Your Own Devices) to work is the most logical thing to do, organisations are rushing to secure this space.

From 1970 the internet aka cyberspace has grown from 40 users to just about 2 Billion (2010) according to the Google/WorldBank data. This is now termed as the most complex man-made universe as we know it – Cyberspace. 800 million smartphone users (2011), 12 Billion devices connected online and this will soar even further. The number of internet connected devices is set to explode in the next four years to over 15 billion – twice the world’s population by 2015.

Cyberattacks occur almost every hour, for example in Israel alone 1000 cyber attacks take place every minute, smaller cities in India face a higher threat. The cost of cybercrime in Europe alone is a staggering 750 billion Euros a year. Several cyberintrusions have been reported against government systems, banking systems, utility services communications, defence contractors and security companies.

The firmware and applications may have flaws and vulnerabilities that could enable hackers to gain access to your digital assets or even use your device to launch an attack. A KPMG survey showed that 83% of respondents felt that mobile employees and home workers using the same IT hardware for business and personal use will contribute to an increased e-crime risk for the organisation. The survey also showed that 92% believed the use of consumer oriented IT hardware with internet connectivity such as smart phones and tablet computers, for business related purposes will contribute to an increased e-crime risk for the organisation.

The question is: How can you secure your family, organisation and nation from this growing peril that threatens to destroy, manipulate and render your digital data inaccessible or your private personal information right there in the open for the world to see? Safeguarding your digital assets will be the most important thing that you can do!

Further reading

BBC News – Cisco predicts internet device boom

Google – Internet Stats

Interpol President: 1,000 Cyber Attacks Per Minute in Israel

More Cyberattacks or Just More Media Attention?

The e-Crime Report 2011 – A KPMG study

Understanding cyberspace is key to defending against digital attacks – The Washington Post

World Development Indicators – Google Public Data Explore