The challenges in implementing a BYOD model
While BYOD certainly offers numerous benefits to SMBs, it also unleashes a new set of challenges, many similar to those enterprise organizations are grappling with. Andy Trevor, IT consultant and SMB specialist made an interesting comment on his blog. He said, on the surface, BYOD is a simple idea, however underneath that simple idea it is a very complicated solution. That’s because it impacts diverse areas of the organization, not just the IT department and encompasses multiple devices, applications, operating systems and cloud storage - all of which escalates security risks within the enterprise - and it is then that BYOD turns out to be the biggest challenge for SMEs.
In such a scenario, SMBs often put themselves at risk of massive data loss and large scale security breaches by letting employees access business networks on their personal devices. Unfortunately, unlike their larger counterparts, they lack an established security department and do not have adequate security tools at their disposal.
Internal threats: Research reveals that company’s own employees are the biggest threat to company data. Employees are at the risk of losing data when their devices are stolen or not sufficiently secured from data-stealing malware. Smaller organizations have a slightly higher rate of data breaches because of inattentive or malicious employees or insiders. Employees risk losing important company data via their mobile by connecting to unsecure wireless networks, visiting malicious websites, downloading unapproved apps and leaving the mobile device unattended.
External threats: Mobile devices also have a high risk of theft. In fact, smartphones and mobile phones make up 30 to 40 per cent of all robberies in major cities in the U.S alone last year, according to a Ponemon report. SMBs must realize that mobile devices need the same if not even more protection than desktops. With the consumer smartphone experience geared towards quick and easy access to personal information, a compromised business smartphone is like giving a cybercriminal complete access to critical company data. Most of the time these devices are not insured and this is also a matter of concern for organizations and something to think about before they allow BYOD practice in their enterprise.
The other challenge for SMEs in BYOD is that cybercriminals have always attacked the most popular OS to maximize their potential number of victims. Android, the second most supported mobile OS in SMBs today, is constantly attacked by cybercriminals. Security firm Trend Micro observes over 129,000 malicious apps created to target Android users in 2012. Although Android will continue to be the preferred choice for SMBs, they must also consider the amount of malware targeting the platform and create adequate security policies to address their BYOD challenges.
BYOD has therefore created a unique set of challenges for IT managers and security profes¬sionals in the SMBs, who are expected to maintain control over corporate data security and provide a user expe-rience fostering happy and productive employees. To avoid the various threats posed by this mobility trend, one of the main considerations for SMBs is to set up a BYOD policy and follow certain best practices.