Bring Your Own Virus

Bring your own device has been widely talked about for several years now, and it’s inherent dangers should be widely known. Yet according to IT research and advisory company Gartner 38 percent of employers expect to stop providing devices to employees by 2016 and 50 percent will demand their employees bring their own devices by 2017[1].

There’s no denying that BYOD has it’s advantages, according to a Cisco study conducted in 2013 the average BOYD user saves 37 minutes per week, with the US saving an estimated 81 minutes per week[2].

However the flip side to time saved and employee happiness is that implementing a BYOD policy opens up a whole host of attack vectors that your company is unlikely to be ready for.

One of the most prominent issues is the nature of personal devices today, and the multitude of applications stored onto them. If a user brings a device into work with a rouge application knowingly or mistakenly it is entirely possible that the data collected could be used in an attack against the company.

Equally the threat posed if an employee loses their device can be a major problem, without the ability to monitor the employees use of their devices trade in’s, repairs and even casual use can all pose a threat to the integrity of company data.

Privacy is also a concern, it is not considered ethical to ensure compliance by monitoring the use of personal devices, however it’s a given that at some point at least one employee will browse malicious sites or mistakenly download a virus and this can easily lead to hole’s in the companies security.

Whilst these potential pitfalls can be avoided by implementing strict download policies, monitoring or ensuring passcodes on devices and ensuring 24/7 use of a threat and vulnerability scanner/firewall it is imperative that companies recognize both the real cost effectiveness of implementing BYOD aswell as the many avenues of attack that will be opened if BYOD is implemented without foresight.

[1] ‘Gartner Predicts by 2017, Half of Employers will Require Employees to Supply Their Own Device for Work Purposes‘ Available From: (http://www.gartner.com/newsroom/id/2466615) 1st May 2013 [Accessed 24th November 2015]

[2] Jeff Loucks The Financial Impact of BYOD‘ Available From: (https://www.cisco.com/web/about/ac79/docs/re/byod/BYOD-Economics_Econ_Analysis.pdf) 2013 [Accessed 24th November 2015]

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s