Many offices now allow workers to bring their own
smartphones and tablets to work – a practice that has been described as
“bring your own disaster” by IT wags for decades.
Workers also tend to resist simple, sensible steps such as having devices inspected – and commit far more basic errors such as failing to lock devices.“The phenomenon of organizations allowing or encouraging their employees to use their own computing devices for work–known as Bring Your Own Device, or BYOD–is now widespread in many countries, (Kenya not an exception), bringing with it some serious risks to companys' networks and data.” ESET Senior Security Researcher Stephen Cobb
Disasters, of course, can and DO happen – however, here are a few tips that can help you avoid being the guy who brings his own.
Lock your device – or risk your manager hating you forever
Many companies hand out smart devices for workers to access
corporate emails – but many workers ignore the most basic step of all,
putting a lock on the device. This means if a work phone is lost,
sensitive data can be gone too.
Don’t share your work laptop
Many work laptops come with protection built in – but the best
protection in the world isn’t going to save you if your device ends up
in the hands of someone who doesn’t care about your job or your data. Your family (probably) aren’t spies for another company – but even your
family can take risks, such as downloading “hacked” games to play, or
opening malicious Facebook links. Such could compromise data
and get you in trouble at work.Think hard about what websites you visit on your work machine
There are two good reasons for this – 1.People in your
workplace may well be able to see exactly what you are doing – and 2.
“risky” behaviour, such as downloading peer-to-peer or “free” software,
can put your machine at increased risk of malware. In a detailed blog post on the subject,
Don’t take home that file marked “Top Secret”
It’s unlikely that your employer does keep its secrets in
beige folders stamped “Top Secret”, but you should think carefully about
what files belong on your mobile device, and which ones don’t. If it’s
embargoed data, or financially sensitive data, it probably doesn’t
belong on your smartphone. Big data leaks caused by careless workers
make the news – and you don’t want your face to be on the reports.
Encrypting data sounds intimidating for many computer users
– but it really isn’t a “James Bond” technology. If you’ve got sensitive data on your device, encrypt it. Our
in-depth advice on Android security explains how to encrypt data on Android smartphones and tablets.
Both Mac and Windows offer built-in ways to encrypt files or folders,
and other apps offer similar services. Keep on encrypting – I also think now
is a good time to revisit your current use of encryption. What data are
you encrypting? What data should you be encrypting? And how strong does
that encryption need to be?
For
anyone thinking that BYOD is a problem for the (near) future rather than
right now, here is your wake-up call: the future is already here,
including all the attendant risks. It is almost impossible to prevent
people from bringing all kinds of devices into the workplace.
