Page 47 - Payout Magazine Online Volume 9.1
P. 47
ends, such as sending SMS or exporting Brother conspiracies abounded when BYOD
sensitive data. started taking off, but the issues have settled
down into concerns about whether companies
Android, being the most open mobile have a right to snoop on the personal lives of
operating system is most at risk, but Apple their employees.
devices can be corrupted as well under the right
circumstances (see below). However, legal experts are almost
unanimous in their agreement that companies
3. OS Security Risks are more concerned with how secure their data
is, rather than wanting to check up on how their
“Jailbreaking,” and “root,” are popular with employees are spending their weekends and
mobile device users because they unlock the days off.
phones capabilities and enable a user to remove
manufacturers’ “bloatware” and configuration There is definitely a line which shouldn’t be
restrictions they may have imposed on the crossed when it comes to giving organizations
device. the ability to examine an employee’s private
data - especially when there are apps on the
These procedures also open access to device which make no distinction between
unauthorized app stores which increases the personal and corporate information. All these
risk that malicious code may be downloaded and issues will need to be considered when drafting
executed on the device. Malicious code could be a BYOD policy.
designed to give remote access to cameras and
microphones, which opens a hotbed of security 7. Accidental Deletion
issues when unknown persons can access the
phone while it is in a sensitive area. It’s not a big deal when a mobile device
user accidentally deletes the latest Angry Birds
4. Unencrypted Data Connections application, but it can be catastrophic if the
data removed happens to be gigabytes of data
With more and more public Wi-Fi hotspots residing on the company server.
opening up across the country more mobile
devices are making themselves vulnerable to Cross-contamination is also a genuine
cyber-attacks via man-in-the-middle hacks concern should the eventuality arise where the
eavesdropping over an insecure connection. corporation needs to remotely wipe a device,
Bluetooth connections and other personal area which could mean that precious baby photos
networks also pose similar risks to the above. are deleted along with the corporate data.
5. Data Loss Through Theft 8. Leaky Data
A 2013 Ernst and Young study, while a Personal devices create vulnerabilities in the
little dated in 2018, tells us that 22% of mobile IT infrastructure as they are not protected by
devices will be lost or stolen during their lifetime, the company’s security systems and firewalls.
and 50% will never make it back to their rightful This challenge is in addition to workers taking
owners. their work with them while on a lunch break
where they then make use of the local fast food
Of course, we can safely assume that most chain’s public Wi-Fi.
of the devices are stolen because of their
cash value, but an increasing number are lifted Anybody snooping will be able to eavesdrop
because of the value of the data they may on the data and potentially gain access to
be storing. Personal information, along with confidential or sensitive corporate data.
corporate secrets are all at risk as more people
mix their personal life with their business life on In Conclusion
smartphones and tablets.
There is no doubt that a BYOD policy
6. Privacy Protection can create opportunities for a business to
develop and grow and provide more freedom
A personal device accessing company for workers. However, it pays to be aware of
networks provides a legal means for the inherent security risks such policies can
organizations to have access to them. Big introduce to the workplace.
PayOutMagazine 47
