Thursday, October 24, 2013


Many offices now allow workers to bring their own smartphones and tablets to work – a practice that has been described as “bring your own disaster” by IT wags for decades.

Mixing the private and the professional CAN certainly bring disaster – especially when experts from security trade body ISACA estimate that 30-40% of BYOD devices are brought in “under the radar”.

Workers also tend to resist simple, sensible steps such as having devices inspected – and commit far more basic errors such as failing to lock devices.“The phenomenon of organizations allowing or encouraging their employees to use their own computing devices for work–known as Bring Your Own Device, or BYOD–is now widespread in many countries, (Kenya not an exception), bringing with it some serious risks to companys' networks and data.” ESET Senior Security Researcher Stephen Cobb

Disasters, of course, can and DO happen – however, here are a few tips that can help you avoid being the guy who brings his own.

Lock your device – or risk your manager hating you forever
Many companies hand out smart devices for workers to access corporate emails – but many workers ignore the most basic step of all, putting a lock on the device. This means if a work phone is lost, sensitive data can be gone too. 

Don’t share your work laptop
Many work laptops come with protection built in – but the best protection in the world isn’t going to save you if your device ends up in the hands of someone who doesn’t care about your job or your data. Your family (probably) aren’t spies for another company – but even your family can take risks, such as downloading “hacked” games to play, or opening malicious Facebook links. Such could compromise data and get you in trouble at work.

Think hard about what websites you visit on your work machine
There are two good reasons for this – 1.People in your workplace may well be able to see exactly what you are doing – and 2. “risky” behaviour, such as downloading peer-to-peer or “free” software, can put your machine at increased risk of malware. In a detailed blog post on the subject,

Don’t take home that file marked “Top Secret”
It’s unlikely that your employer does keep its secrets in beige folders stamped “Top Secret”, but you should think carefully about what files belong on your mobile device, and which ones don’t. If it’s embargoed data, or financially sensitive data, it probably doesn’t belong on your smartphone. Big data leaks caused by careless workers make the news – and you don’t want your face to be on the reports.

Encryption isn’t just for James Bond
Encrypting data sounds intimidating for many computer users – but it really isn’t a “James Bond” technology. If you’ve got sensitive data on your device, encrypt it. Our in-depth advice on Android security explains how to encrypt data on Android smartphones and tablets. Both Mac and Windows offer built-in ways to encrypt files or folders, and other apps offer similar services. Keep on encrypting – I also think now is a good time to revisit your current use of encryption. What data are you encrypting? What data should you be encrypting? And how strong does that encryption need to be?

For anyone thinking that BYOD is a problem for the (near) future rather than right now, here is your wake-up call: the future is already here, including all the attendant risks. It is almost impossible to prevent people from bringing all kinds of devices into the workplace.


Post a Comment


Twitter Delicious Facebook Linkedin Stumbleupon Favorites More