Small companies often ignore the risks associated with BYOD

The risks associated with the policy BYOD (bring personal devices to work) are still often ignored by the company. Many small business owners believe that the BYOD policy does not constitute any threat to their business, and sees no need to ensure security of mobile devices. While the employees themselves believe that in this respect, the responsibility lies on their business – as is apparent from the studies conducted by Kaspersky Lab.

Given that, as the research shows, private mobile devices are now being used for the purposes of work by two-thirds (62%) of business owners and employees around the world, BYOD policy is no longer just a growing trend, but a common business practice. Applies to companies of any size-from a very large (5000 + employees) small (less than 25 employees).

However, the relationship to the protection of data on mobile devices is far from an ideal approach to security. Study of Kaspersky Lab about threats to the security of the customers showed that six in ten (60%) of respondents fear surveillance and steal information through mobile devices, but does not provide a actively protection, expecting it to take care of their employer. Meanwhile, employees often store files related to work on his private notebooks, tablets and Smartphones, including: email, password for email accounts or corporate network or VPN.

When it comes to employers and small business owners, one-third (32%) of them sees absolutely no risk in this, that the staff uses private mobile devices for work-related purposes. The risk of data theft from your mobile device the employee does not constitute for them urgency problem, so do not pay too much attention to it. A greater concern with the possibility of loss of mobile devices by employees show representatives of larger companies: 58% of them are concerned that the theft or loss of the device may cause harm to the company.

Such an approach, both on the part of the owners of the devices and their bosses – creates a serious loophole in the security system on a corporate network. This weak point can potentially be used by cyber criminals or unscrupulous competition. The risk of financial loss (e.g. due to loss of customers) always exists, even if popular opinion lost mobile device cannot do any damage to the company. In this situation, the mobile environment is a key element of security.

"A businessman who does not use your personal mobile device for the purposes of the work, is more and more a rarity. Laptop, tablet or Smartphone allows remote execution of a substantial part of their duties from anywhere. However, the loss of important business data through personal devices is quite a common occurrence, and neglecting safety issues for mobile devices may constitute a serious risk to your business. This is why it is so important to use a reliable and specialized solutions that can meet all the modern requirements and market trends, "said Konstantin Voronkov, head of product management points the final, Kaspersky Lab.

Among the first measures should plan organizations in order to secure the implementation of the policy, the private use assessment BYOD devices for the purposes of the work and the choice of cyber security solutions, that would ensure effective protection against malware and other cyber threats, as well as allow easy management via a single console, for example. the solution of Kaspersky Security for Mobile or Kaspersky Small Office Security. Kaspersky Small Office Security provides comprehensive security, this provides reliable protection to mobile devices, in particular for small companies that don't have too much time or resources to manage IT.

An important step should also be trained to, among other things, he was sensitive to the social engineering tricks (such as fake phones from your bank or the police for example asking for numbers in recently via text message, which may be the actual one-time passwords to your bank account, Apple or Google ID), check the QR codes (which might lead to phishing sites, if a real QR code printed was a fake picture) and immediately report loss of mobile device. The Organization should carefully develop scenarios for removing the private corporate network, if they are lost or stolen, or if the employee leaves the company. In such cases, you must first create a procedure for erasing confidential company data from such devices and block access to them from the corporate network.

Source: Kaspersky Lab

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.