The twenty-first century ushered in a number of new trends, but two have been unique to computing. The first trend was the smartphone, which has revolutionized everything from communication to software development. The second trend, known as BYOD or bring-your-own-device, is actually a direct result of the mobile device trend and the fact that more and more companies have allowed employees to bring their mobile devices to work. The logical result was that more and more company work was done on personal devices and companies quickly realized that they could save boat loads of money if they had employees bring their own devices to work.
As of 2012, 81% of employees reported using a personal device for company business. At that time, InformationWeek predicted that the BYOD trend would not only continue, but that it would become a major recruiting tool as more and more firms looked to “personalize” the work experience. According to some, the BYOD market (services and software specifically tailored to help companies implement BYOD policies) will be worth more than $181 billion by 2017.
For all of the benefits of BYOD, like improving employee morale, there are drawbacks. The most obvious and concerning drawback comes down to data security. In fact, the majority of the $181 billion mentioned above will be spent on security measures intended to keep data on employee devices safe. What are the security concerns that BYOD policies raise and how can they be addressed?
BYOD Security and Unknown Apps
When companies own a device, they also control the software that is installed on it. The same is not true of BYOD devices. This difference raises the potential that third-party apps, installed by an employee on his or her personal device, will have easy access to company data stored on employees’ devices. The problem is exacerbated by the fact that requiring security on personal devices can be a real headache for IT departments.
To address the problem of dangerous apps, companies have used to several strategies. The first strategy is to create blacklists of at-risk software that employees should not install. Employees who install blacklisted software are at risk of sanction or even termination. The second solution to third-party app intrusion is to separate personal and corporate data. This strategy will likely provide the better solution in the long term, but is still in its early stages.
Stolen, Lost, or Discarded Devices
Mobile devices are easily lost and when that happens, the data they contains is also lost. While passwords and PINs can help secure data on lost devices, these solutions aren’t perfect. Further compounding the problem is the issue of disposal. While many recycling companies, take great care in erasing user data before they recycle a device, there is no guarantee that every company will be as cautious. Protecting sensitive data when a phone is no longer in the possession of the employee is a major hurdle for BYOD.
Data Integrity and Tracking
Data is the lifeblood of many corporations and keeping track of intellectual property is an ongoing task. Unfortunately, BYOD policies can make data tracking even more difficult by disseminating company information across multiple devices rather than keeping it consolidated. The BYOD policy also affects data integrity because enforcing back-up policies can be difficult. The most obvious solution to this problem appears to be limiting the amounts and types of data that employees can store. This will continue to be the predominant approach until software solutions rise to meet the challenge of securing and consolidating disseminated data.
BYOD Is Here to Stay
Despite the problems mentioned, the BYOD trend is only expected to grow. The advantages outweigh the risks and, with experience, the balance should only tip further toward widespread adoption of BYOD policies. It is likely that cloud computing will provide most of the solutions to the above problems going forward. Rather than BYOD, many predict that BYID (Bring Your ID) will be the trend of the future. Employees will be able to access secure company servers from any device (their own included) simply by using their passwords and IDs. Whatever the ultimate solution, the use of personal devices to do company work is a trend that will continue to grow over the coming years.
Photo Credit: Wikimedia/Krlbch