9 Simple Solutions to BYOD Security Risks That Affect Your Company

Securing how employees can use their mobile devices to access corporate content is becoming increasingly important. The proliferation of Bring-Your-Own-Device (BYOD) initiatives where employees can use their own devices, which may not have any security software installed.

Giving your employees remote access through their own devices to corporate data and information is great, but there are risks involved. These risks are often what puts companies off of incorporating a BYOD policy into their firm, regardless of whether or not it would be beneficial to the business’s bottom line.

Take a look at the risks below and find our most efficient solutions in each case. It should be noted that Mobile Device Management* (MDM) software may be beneficial, or indeed required, to carry out some of these solutions.

*Mobile Device Management (MDM) – Security software used by companies to monitor, manage and secure employees’ mobile devices across multiple mobile service providers and across multiple mobile operating systems.

9 Simple Solutions to BYOD Security Risks That Affect Your Company

Risk: “What if our sensitive data is leaked via unprotected apps or networks?”

1. Encrypt all data passing between the network and the user’s mobile device

Network encryption secures all data passing from a mobile device to a server and back, preventing external parties from being able to read it. Common types of encryption include Virtual Private Networks (VPN)* or Secure Socket Layer (SSL)* depending on the type of service that needs to be secured.

Alternatively (or additionally), you can choose to encrypt at an app level. In doing so, if the device is lost or stolen, all the data held within the app is useless without a secure username and password. These details are stored and controlled in a central location, which means you have complete control over your data.

Many devices, particularly those made by Apple also encrypt at a device level. By forcing your user to set up passcodes and TouchID – you are also fully encrypting the device. Without these details, any data held within is non-accessible.

Want to learn more? 7 Security Tips For Your First App

2. Limit mobile devices to access only certain safe resources, such as corporate email or internal documents

Restrict the access that mobile devices owned by your employees have, and limit the files/documents that they can reach. For example, you may have sensitive data that employees will more than likely not need to access whilst they’re commuting or on a portable device.

3. Block undesirable apps from being downloaded

As a further measure, you can restrict which apps can or cannot be downloaded on your employees’ devices. This decreases the probability that the corporate data will be impacted by any external parties attempting to hack into the respective devices.

Mobile Office

Risk: “If employees leave the company they will still have access to corporate apps on their mobile devices.

4. Delete mobile data contained on the device remotely

You can wipe all corporate data remotely from a mobile device. This means that if an employee loses their mobile device or if they leave the company, all sensitive app data can be deleted – and if the mobile device is found, content can easily be restored.

5. Remotely lock down the app until the device can be fixed

You can essentially block the app ensuring that no unwanted users have access through it. This prevents any data being lost or corrupted.

6. Implement a login system that ensures the account belongs to a valid employee

Single Sign-On (SSO) is a secure and convenient way of doing this because it allows employees to log into all their apps and accounts using a single password and it enables IT to centrally manage all accounts.

Want to learn more? How to Add Additional Security to Your App With User Security

Office Security 1

Risk: “What can we do if an employee’s mobile device is lost or stolen?”

7. Require users to regularly change the password on their mobile device

To decrease the chances of hacking and virus attacks, a password policy can be implemented, requiring employees to set strong passwords for their mobile devices and to change them regularly.

Risk: “Sensitive data contained in mobile apps might be accessed by external parties.”

8. Add additional layers of security and password protection to apps

The email authentication system uses the unique email domain name of your company to verify the user. If a user doesn’t have a company email address, they can’t verify themselves and will be unable to log in.

By using this system, you can ensure that key content isn’t being accessed by non-company users. Which is great if you don’t have a private app store or a mobile device management system and you want to list your employee apps in the public app stores.

9. Use enterprise app stores to distribute apps privately to employees only

The main benefit of enterprise app stores is that they ensure apps can only be downloaded by people who are given access, often employees. Using an enterprise app store rather than the public app stores also means that apps are not subject to the public app stores’ guidelines for submission and approval times, that can take as long as 15 days for Apple.

Giving your employees the opportunity to use their own devices at work can be a great decision, but it’s important to understand the risks associated with doing it.

With the increased demand for mobile apps, has your company decided that it’s time to invest in mobile technology? Find out how Fliplet can help you create your own app in less than 20 minutes.

This content originally came from our “Everything You Need To Know About Mobile Security” eBook. Download it for free here.