Tuesday, 11 March 2014
One comments

BYOD: A Security Risk or A Matter of Employee Productivity

BYOD: A security risk or a Matter of Employee Productivity

Wherever you go, you always keep your device (Smartphone, laptop, PDAs) with you. With evolving Smartphone concept, a BYOD (Bring Your Own Device) trend becomes popular in organizations. The concept of BYOD comes, when employees carry their personal device at the workplace, and connect to secure corporate network. At workplace, organizations should consider BYOD policy to make their employees secure and help IT department in managing such devices. A proper implementation of BYOD policy helps to make transparent network security by ensuring that employees are still obeying according to company governance policy and company security parameters.

What BYOD policy includes?

BYOD policy comprises the security requirements for each personal device, which is used by employee in the organization. It includes password configuration of device, prohibition of unknown software installation, data encryption, limiting activities like social sites engagement, email usage, carry out official data outside workplace, periodic IT audit to ensure the compliance of such policy.

Why BYOD Policy is Must?

The more products and services become accessible via mobile platform; security aspect becomes difficult for both organization and employee.
If organization does not adopt a policy for personal device, then the official data that employee carries in their Smartphone remains vulnerable. For example, when you are in cafe using unprotected WI-FI network, you might not be aware about the hacker who is monitoring your device, and can read all official data exists in your device. Another example, if your son or daughter accesses your Smartphone and clicks innocently on a banner ad that contain data stealing malware then the corporate information would be no longer safe on your device. It is true that BYOD brings flexibility and accessibility, but also brings security risks that help cyber attacker to swipe confidential data without your awareness.

Benefits of BYOD:

  1. There are several benefits associated with BYOD from both enterprise and employee point of view.
  2. When employees have their own device they use for personal and business purpose that could bring more productivity and mitigate frustration.
  3. The company can get rid from purchasing high-priced device for employees. Employees can take better care of their devices.
  4. The flexibility of employees will increase, and they can work remotely and do not need multiple devices while travelling from one place to another place.
  5. Even job hunters give the organization first preference that has BYOD policy. A well-defined policy helps recruiters to hire top talent in organization.

Disadvantages of BYOD:

Along with benefits, there are several disadvantages with BYOD concept.
  1. Data security is a main concern in BYOD. Employees can put an organization at risk, if an organization is not following strict policy for personal use of the device.
  2. When an employee leaves the company, retrieving of official data and information is worrisome because these data is quit important for organization. In this case, a written signed BYOD policy should be implemented helps to get back confidential data from an employee.
  3. All employees do not regular update their device with the latest hardware and software updates thus their devices become weak against updated patches. Even many of them do not install antivirus in their Smartphone, which is a serious concern, and could welcome malware attack.
  4.  Employees should lock their device. If the device is not protected with password or biometric security, then an unknown person can easily access personal data of the device.
  5. What we showed from the above piece of information is that BYOD has two sides of a coin. If organizations follow strict policy about the personal use of the device, then it will enhance the efficiency of employees. For that, the IT department should discuss with employees, and aware them about the risks involved in infringement of BYOD policy. 

About the Author:
Abel Wike is the head of fraud prevention division at ClickSSL. She likes to focus on many security concepts including data breach prevention, security researches, data monitoring etc.


  1. BYOD does require that corporations have a policy in place and preferable some MDM solution that can contain corporate data to a "container" with remote-wipe capabilities as well in case phone were lost or compromised. Fragmentation of Android at the carrier level with OS updates often not being supported after the first 6 months make it very difficult to maintain latest patch levels on Android phones, this is why iOS which updates are pushed directly from Apple and not filtered by carrier are popular in companies now.


Toggle Footer