The concept of bring your own device (BYOD) is not new, but with the abrupt shift to remote/hybrid work forced businesses that once balked at the idea to accept it, if not embrace it. Employees have always used their smartphones to access work emails and chats, but the COVID-19 pandemic massively accelerated the trend of employees working from their personal devices, laptops and/or desktops using their home Wi-Fi networks.
There has been a significant increase in the adoption of BYOD within enterprises, with 59% of firms adopting BYOD and 69% of IT decision-makers in the U.S. seeing the benefits of BYOD.
This concept of IT consumerization—where individuals can use their own hardware and software within the enterprise—remains a source of concern as it jeopardizes corporate data confidentiality and security. Even with corporate-provided work devices and secure corporate networks, the frequency of cyberattacks is climbing. As a result, businesses are understandably cautious about allowing their users to use their own devices—but one way or another, enterprises will have to get comfortable with this new normal.
The BYOD Battle
2021 saw a lot of security breaches, with one poll revealing that 74% of organizations fell prey to attacks due to human error on the part of their employees. Threats lurking in cyberspace are hardly news to corporations, but what enterprises now deal with isn’t just ransomware, but its new, nastier form—double-extortion ransomware. While phishing remains a problem, a slew of new attacks has emerged, including credential stuffing, social engineering attacks, accidental sharing, sensitive data thefts and associated litigations, shadow IT and malware attacks. Business executives are understandably wary of embracing BYOD; corporations cannot afford to rely on their employees for security when a single click on a phishing email is enough to bring a company to its knees. Humans continue to be the weakest link in the information security chain.
A Matter of Containerization
Enterprises are waking up to the need to enforce their BYOD policies to secure their data. Setting up solid alphanumeric passwords, installing anti-virus programs, enforcing inactive timeouts and encrypting devices are a part of the mandate and continue to play their part in ensuring security. However, while organizations prioritize data, employees want to maintain their privacy, and may find regulations inconvenient. The concept of containerization, which separates personal data and work data on a personal device, is a BYOD management feature that can provide both data security and individual privacy.
Containerization demarcates personal and professional activity by creating an encrypted work profile within the employee’s device allowing business and personal apps and data to coexist on a single device. Additionally, advanced encryption standards applied within the container ensure that data cannot be accessed outside the container. If the device is compromised, selective wipes restricted to the work container alone can delete sensitive information. The risk of bleeding between corporate and personal digital data spaces can be addressed via app management, where personal apps can be blocked from accessing corporate data and vice versa.
With so many businesses migrating to the cloud, it’s important to consider how to mitigate the risks involved in making the shift. While containerization separates corporate data from personal data, data loss prevention (DLP) solutions could also help keep track of employees’ movements and prevent unauthorized access.
However, managing a fleet of BYOD devices from different platforms and of different types is challenging. Unified endpoint management (UEM) solutions could be a solution for businesses looking to manage these fleets of devices.
BYODs is Finally Mainstream
Though data risks acted as a hurdle to BYOD adoption, times have changed and so has technology. With its inherent benefits, the BYOD market size is predicted to reach $366.95 billion by 2022, up from the $30 billion in 2014. Though corporate-owned personally enabled (COPE) and corporate-owned business only (COBO) remain a priority, BYOD has found a home within companies as the new normal.