2 minute read
Bring Your Own Device: Worth the Risk?
Growing trend of employee-owned devices in workplace presents challenges, benefits
BY KRIS BEVILL
Walk into any office and ask for a show of hands from everyone who owns a smart phone or tablet. Odds are good the majority of people in the room do. Ask how many of those people use their personal devices for work purposes and it’s likely that nearly just as many people will say they do, although many of their employers lack any type of policy regulating that use of technology, potentially leaving them at risk for security breaches.
The phrase “Bring Your Own Device,” or BYOD, began creeping into the business vernacular several years ago in response to the growing trend of employees using personal electronic devices to do work and the need for businesses to manage that use. This employee-led trend is used to varying degrees depending on the business and employee — ranging from accessing email to creating company-owned data on personal devices — but the trend is undoubtedly growing, particularly as more millenials enter the workforce and demand easy access to any number of technological tools.
While BYOD certainly offers benefits to employers, such as extended virtual office hours and increased productivity, it also presents security risks that information technology (IT) experts say should be addressed before potential damage is done. However, many businesses have yet to create BYOD polices, or even acknowledge that the practice is occurring in their office.
Brett Anderson, a senior consultant in the interactive services department at Fargo-based Network Center Inc., says many companies in the area have taken a “wait-and-see” approach regarding BYOD. “Employees are bringing their devices, connecting to the network, but a majority of the businesses aren’t taking a lot of precautions around security or driving productivity,” he says.
Anderson says he encourages businesses to embrace the trend but to also develop a policy around the use of personal devices and inform employees what steps will be taken to protect the company’s security.
“That’s the place you start first,” he says. “What are the risks if your phone is attached to their network or they’ve got corporate assets on their device and it’s lost? What are the ramifications? Do you wipe the device, use a device locator, wipe the company email box?”
Anderson compares a BYOD policy to insurance in that businesses must weigh their acceptable risk level against the time and financial costs required to protect against those risks. Company management of BYOD can vary widely depending on each industry, from no policy or recognition of the risks and benefits of BYOD to strict policies restricting personal device use, which are most typically applied in tightly regulated industries such as banking and health care. According to Anderson, most companies fall in between the two extremes.
While security should be a major consideration for businesses, BYOD also offers benefits to both employer and employee. A white paper released by network security provider EdgeWave cites a number of reasons why employees are driving BYOD in the workplace, including a desire for newer, faster and higher performance than the hardware provided by their employer provides. The paper also points out the reality that many employees have multiple workspaces and enabling easy access to work files allows them to continue working from anywhere. Anderson also notes that while traditional IT adoption comes from the top down via company-issued computers, etc., millenials are changing that dynamic as they enter the workforce and educate employers on the technology tools they require to be most productive.
For business leaders not already attune to the risks and benefits of BYOD, Anderson recommends consulting with an IT professional to assist in assessing the company’s level of risk and potential policy implementation. PB
Kris Bevill Editor, Prairie Business 701-306-8561, kbevill@prairiebizmag.com
