Prevent-BYOD-Security-BreachesMore and more companies are allowing employee owned devices in the workplace. The purpose is to create greater freedom and efficiency in conducting business. This follows a broader, worldwide trend of smartphone, tablet, and laptop use. By the end of the year 2015 there will be approximately 2 billion smartphone users across the globe. Needless to say, this growth has revolutionized the practices of many enterprises.

While providing many benefits, “Bring Your Own Device” or BYOD also creates a host of security issues. For example, hackers may have an easier time gaining access to applications on smartphones and then have the ability to breach a company network. Sensitive data can be potentially tampered with, erased, or compromised. Companies making the transition to a BYOD system need to consider the following to prevent a possible BYOD security breach.

1.  Create a network security policy

An official comprehensive policy needs to be in place that informs participating employees what type of data their devices will hold, what they can share, and what they cannot. Employees should be educated on the various types of security breaches that could occur and how to prevent them. Training should be offered on a reoccurring basis to remind employees of the risks. 

2. Establish criteria for access

Not everyone at the company needs to access to all data. Varying levels of network access should be assigned depending on the role individual employees play. Companies can create layers of access and place each employee in a layer. Only those who need to access classified information should be given special access to it. Of course the company’s chief IT employee should be given ultimate access in order to make necessary changes. With fewer devices capable of accessing important information, the risk of a security breach is lessened.

3. Antivirus and anti-malware software

Companies should require that all employee devices install a company approved anti-virus program. For some mobile devices this isn’t as much of an issue, however, employees should always be cautious of sharing potentially virus ridden files with fellow workers. There are many options for anti-virus and ant- malware software and many people use them anyway. However, it’s important for a company to make sure it is sufficient for company data.

4. Password protection

The reality is that people lose their devices. Not to mention they can easily be stolen. When this happens, you want to make sure that sensitive data doesn’t end up in the wrong hands. All devices, whether it’s a mobile device, or laptop need to be password protected. Not only should a device require a password to gain access to it in general, individual apps and files that house important company data need to be protected as well. Layers of passwords add stronger protection, despite the fact that they may be inconvenient or even annoying for users. In addition, users should not have the passwords stored on the device itself, especially where someone else could easily find it.

5. Potential phone-wipe

Another way to prevent problems associated with a phone being lost or stolen is to use a phone wipe. This process would delete all of the information stored on a phone and could be performed by the company. Obviously, an employee’s personal information may be lost as well, so workers need to be on board with this plan from the beginning.

6. Store data in an external, offsite backup system

Employee devices cannot always be relied upon to perform perfectly. In a situation where data is lost, companies need to have a reliable backup system. Because backup hard drives also sometimes fail, many companies are looking to offsite storage options. One of the most popular of these offsite options is the cloud. Backup systems need to be monitored periodically. Companies should run tests to make sure the backup is working. Regardless of how you decide to backup data, a system needs to be in place that all employees understand.