While that is certainly a convenience for employees and employers alike, for the men and women who sit in the CIO’s chair, BYOD is a source of constant headaches and frustration. Data breaches can happen at any time in the most controlled environments, and personal devices ensure a loss of control that keeps CIOs and data security teams up at night.
Personal Device Use by the Numbers
Indeed, recent survey data from Finn Partners paints a grim picture surrounding the use of personal security devices by employees. While a full 55 percent of employees BYOD, only 26 percent change log-in credentials on a monthly basis. Only 25 percent of these employees update the security protocols and operating systems on their devices each month.
When you look at phishing, the root cause of 95 percent of all breaches, the numbers grow darker still. In the June 2018 Finn Partners survey, nearly 40 percent offrom a sender they didn’t recognize. Two out of every five employees admit to putting their companies at risk both in the office and on their own devices. It should come as no surprise that one in three of these employees reports having been a victim of a cyber-attack or data breach.
Solutions in Sight
There are a number of steps an organization can take to minimize the risks that stem from BYOD policies. IT departments can work to limit access to company documents and records for smartphones and tablets. It can ensure that all data downloaded is fully encrypted. Cybersecurity professionals can and should enforce remote wipe policies and passcode locks on all devices being used for company use.
But in an era where nearly 40 percent of employees are going to click a link or open an attachment from someone they don’t know, in spite of years of training and workshops teaching them not to do so, smart cybersecurity teams will need to take solutions to the next level. The best recourse is to stop phishing attacks at thebefore an employee even has the opportunity to make a company-changing mistake.
Take the Next Step in Cybersecurity
You’ll accomplish this by using preemptive anti-phishing solutions that stop phishing attacks from even entering your employee’s devices. That way you won’t have to worry about whether your employees will encounter phishing attacks at all. The risk of them compromising your organization’s sensitive data will be reduced to an all-time minimum. Taking this one step, while at the same time maintaining a continuous program of cyber hygiene, will eliminate nearly all cybersecurity threats to your company.
Kim Del Fierro is VP of Marketing for Area 1 Security.