Bring Your Own Device (BYOD) is a trend whereby employee-owned devices are used within a business. BYOD policies enable employees to use the same devices for personal and office use, allowing them to work remotely if need be (Remote Working Security Risks).
This trend is growing rapidly due to the myriad of benefits it provides both the business and the employee. As of 2015, 82% of organizations are accepting the use of personal devices for work-related purposes. The BYOD market is estimated to increase by 15% every year until 2022, from a starting value of $30 billion in 2014.
Bring Your Own Device (BYOD) Security
The greatest weakness of Bring Your Own Device is the security risks that come with it (BYOD Security Risks). For the 26% of Tech Pro Research’s survey respondents who have not adopted – nor are planning to – Bring Your Own Device, security concerns were the most common reason.
Employee devices will not have the same security measures that an organization’s device will have, and any security measures a personal device does have will not be suitable to protect against corporate data breaches or network intrusion. This is a grave threat, demonstrated by the fact that 50% of companies that allowed bring your own device were breached by an employee-owned device.
Employees Can Be Targets for Attacks
Employees can walk away with a significant amount of data on their devices and can, therefore, be targets for attacks, especially in situations involving Bring Your Own Device (BYOD) policies. These attacks can occur when an employee uses their device remotely and connects to a public WiFi hotspot whereby a hacker can infiltrate the device.
Similarly, using public charging kiosks that have been manipulated allows a perpetrator to gain remote access to the device. Social engineering attacks also present a risk. Should “someone” approach an employee looking distressed and say “Hey, my phone has been stolen, can I borrow yours to make a call?”, that “someone”, who is actually a bad actor, can use the employee’s phone to gain access to sensitive information and data (Human factors in cybersecurity).
Malware can get onto mobile devices in numerous ways, including through spam emails, links and rogue programs or apps. Similarly, trojan malware can be embedded through SMS messages and social network links.
Spoofed peripherals also have the ability to inject malware onto the endpoint to which they are connected. Malware is perilous as it can spread to other devices on the business’ network, generating considerable damage. US mobile malware rates are increasing by 75% each year, with Apple’s operating system receiving five times more malware in 2015 than in the five years previous. These figures indicate a growing risk to organizations that permit bring your own device.
Bring Your Own Device (BYOD) Facilitates Their Operations
Stealing or acquiring lost devices is an alternative way for hackers to access the organization’s network and obtain valuable information. The best intrusion-detection system and anti-virus software will be futile if this happens.
Password-protected devices are not safe either, as circumventing a password on a stolen/lost device is no challenge for a hacker.
Insider threats also pose a risk to an organization, and bring your own device facilitates their operations. Mobile devices make it easier for malicious employees to access the company’s network and pilfer sensitive data.
Encrypting data that goes beyond the control of the organization is necessary and it should be performed throughout the data’s life cycle. 76% of companies do not encrypt mobile devices, which makes them extremely vulnerable. Furthermore, the IT department should take control of encryption keys to prevent unauthorized access and to maintain the encryption, should a breach transpire.
Application Installation Control
Some devices and operating systems enable the IT department to manage the installation of applications on an employee’s device. This feature is provided by iOS and Android operating systems. However, employees may perceive it as an encroachment on their freedom.
Mobile Device Management
Mobile device management (MDM) is a solution that gives the organization the capacity to secure, monitor, manage and support mobile devices centrally by integrating them into a network. However, taking advantage of this could create a restrictive user experience for the employee.
This method segregates a portion of the device into its own protected bubble, separate from the other applications and content on the device, and it requires password access.
The opposite of blacklisting, whitelisting gives employees access only to a list of approved applications. This can be a more appealing solution to employees as there is a more extensive range of applications and websites that exist.
An organization can use this feature to block apps and websites considered security threats or those that could hinder productivity, like games and social networking apps.
Hardware Security With Bring Your Own Device (BYOD)
Enterprises’ IT and security teams often struggle to provide complete and accurate visibility into their hardware assets, especially in today’s extremely challenging IT/OT/IoT environment. This lack of visibility leads to weakened policy enforcement of hardware access, including in Bring Your Own Device (BYOD) scenarios.
This may result in security incidents, such as ransomware attacks, data leakage, etc. In order to address this challenge, ultimate visibility into your hardware assets is required, regardless of their characteristics and the interface used for connection. Moreover, it is important to be practical, as attackers adjust to the dynamic cybersecurity defenses put in place to block them and take advantage of the “blind” spots, mainly through USB Human Interface Device (HID) emulating devices or physical layer network implants.
Sepio’s platform identifies, detects and handles all peripherals. No device goes unmanaged. Sepio is the only company in the world to undertake physical layer visibility fingerprinting. It generates a digital fingerprint using the device descriptors of all connected peripherals. It then compares these descriptors against a well-established database of malicious devices, effectively initiating automatic attack prevention. With Machine Learning, the software analyses device behavior to identify abnormalities, such as a mouse acting as a keyboard.
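A descriptor-level version of the checks described above, as an added example that is not Sepio's code or part of the original article: it fingerprints a peripheral from its USB descriptor fields, compares the fingerprint against a known-bad set, and flags an approved mouse model that also announces a keyboard interface. The device records, vendor/product IDs, inventory and known-bad set are constructed for illustration, and a fixed rule stands in for the behavioral analysis the article mentions.

```python
import hashlib

# USB HID facts: interface class 0x03 is HID; with boot subclass 0x01,
# interface protocol 0x01 is a keyboard and 0x02 is a mouse.
HID_CLASS, BOOT_SUBCLASS = 0x03, 0x01
BOOT_PROTOCOLS = {0x01: "keyboard", 0x02: "mouse"}

def fingerprint(dev):
    """SHA-256 over descriptor fields the host reads at enumeration."""
    ifaces = sorted(tuple(i) for i in dev["interfaces"])
    raw = f'{dev["vid"]:04x}:{dev["pid"]:04x}:{dev["bcd"]:04x}:{ifaces}'
    return hashlib.sha256(raw.encode()).hexdigest()

def hid_roles(dev):
    """Boot-protocol HID roles the device's interfaces announce."""
    return {BOOT_PROTOCOLS[p] for c, s, p in dev["interfaces"]
            if c == HID_CLASS and s == BOOT_SUBCLASS and p in BOOT_PROTOCOLS}

def assess(dev, known_bad, inventory):
    """Return findings for one device; an empty list means nothing flagged."""
    findings = []
    if fingerprint(dev) in known_bad:
        findings.append("fingerprint matches known-bad entry")
    expected = inventory.get((dev["vid"], dev["pid"]))
    if expected is None:
        findings.append("device not in approved inventory")
    else:
        extra = hid_roles(dev) - expected
        if extra:
            findings.append(f"undeclared HID role(s): {sorted(extra)}")
    return findings

# Constructed sample data: the IDs below are made up, not real products.
INVENTORY = {(0x1234, 0x0001): {"mouse"}}   # approved model -> expected roles
MOUSE_OK = {"vid": 0x1234, "pid": 0x0001, "bcd": 0x0100,
            "interfaces": [(3, 1, 2)]}
MOUSE_KBD = {"vid": 0x1234, "pid": 0x0001, "bcd": 0x0100,
             "interfaces": [(3, 1, 2), (3, 1, 1)]}   # mouse plus keyboard
STORAGE = {"vid": 0xABCD, "pid": 0x0002, "bcd": 0x0100,
           "interfaces": [(8, 6, 0x50)]}              # mass storage
ROGUE = {"vid": 0x1234, "pid": 0x0001, "bcd": 0x0200,
         "interfaces": [(3, 1, 1)]}
KNOWN_BAD = {fingerprint(ROGUE)}   # stand-in for a malicious-device database

if __name__ == "__main__":
    for name, dev in [("MOUSE_OK", MOUSE_OK), ("MOUSE_KBD", MOUSE_KBD),
                      ("STORAGE", STORAGE), ("ROGUE", ROGUE)]:
        print(name, fingerprint(dev)[:12], assess(dev, KNOWN_BAD, INVENTORY))
```

Because vendor and product IDs are self-reported, the check keys on the interface set as well: a device that copies an approved ID pair still stands out when its interfaces announce a role the inventory does not expect.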