In the good old days, taking work home from the office often meant that users had to lug stacks of files with them. Less than two decades later, although people’s workloads have not decreased, the physical load some have to carry home to continue working from there has become much lighter, oftentimes weighing no more than a few grams.
However, the convenience of carrying lightweight smartphones, tablets and laptops to and from work have created new challenges for IT departments the world over, especially since more people are starting to use their own devices for both productivity and personal activities. This trend of bring your own device (BYOD) is in fact expected to explode in the next few years.
A recent study conducted by Osterman Research on behalf of Dell surveyed 162 enterprises and found that 82% of them already allow their employees to use personally owned mobile devices to access the company e-mail, databases and applications. Network expert Cisco reports that more than 60% of employees in the United States who use smartphones for work, use the devices on a daily basis.
Worldwide, BYOD is expected to gain traction as well. In March, Research and Markets published the results of a research study based on an extensive survey of enterprise organisations around the world. The results show that as many as 65% of organisations will have adopted some level of BYOD by the end of this year, and only 11% say that they don’t have any plans to implement BYOD in the future.
“Companies are allowing BYOD, because there is a belief that it increases productivity among staff and that being able to use their own devices at work makes employees happy,” says Jayson O’Reilly, director: Sales and Innovation at security solutions provider DRS.
“Some embrace it due to the convenience it offers and the cost savings: if employees use their own devices, employers don’t need to undergo the expense of providing them with company issued phones, tablets and laptops.
“The business world is competitive, so for companies to remain in step or even have a leg up on competitors, it is important to embrace new technologies and trends. However, on the other side of the coin, BYOD is making it difficult for organisations to keep up when it comes to implementing endpoint security and compliance.”
It is those security risks that make some companies reluctant to adopt BYOD, and their fears aren’t unfounded. The Cisco survey shows that almost 40% of employees lack proper password security on their devices, more than 50% admit to accessing unsecured WiFi networks and 69% access e-mail after work hours, potentially leaving businesses extremely vulnerable during that time.
The International Association of IT Asset Managers (IAITAM) reports that 55% of mobile IT asset managers say that their firms’ networks are accessed remotely during off hours, but only 60% admit to tracking who it is and how long the activity lasts.
In IT security circles, BYOD has been nicknamed bring your own danger/disaster. The fact that BYOD is much maligned is not entirely unwarranted, O’Reilly says.
“It undoubtedly does create a huge headache for IT departments, since it creates so many different threats: from data theft, malware and viruses picked up due to downloading buggy apps, data loss, network breaches, loss of a device due to theft or misplacement, to untrustworthy employees,” he notes.
The way to solve the issue is not by stripping employees of their devices, but to implement a strong endpoint security solution.
“Endpoint security is a way to protect a corporate network by requiring every endpoint device – such as laptops, smartphones, PCs, tablets and even point of sale terminals – used to access it, to adhere to and comply with certain standards before being allowed access,” O’Reilly explains.
“Although many companies already have endpoint security solutions in place, the ongoing management of this technology is often neglected, resulting in viruses and other intrusions that end up compromising the organisation.”
Since modern endpoint security technologies are often complex and difficult to configure and manage, O’Reilly suggests outsourcing endpoint security management to security specialists such as DRS.
“DRS provides customised endpoint solutions to ensure maximum protection with minimum impact to network efficiency. We strive to provide our clients with the best security available,” O’Reilly says.
He notes that DRS has already won the trust of consumers.
“DRS currently manages the endpoint security software on more than 500 000 nodes in South Africa alone.”