Bring your own device (BYOD) programs, where employees use their own devices for work purposes, present IT managers with both benefits and challenges.
A recent Intel survey of IT managers and end users found widespread support for providing BYOD policies. However, while productivity benefits were seen by respondents as a key driver, costs took a surprising back seat. Nearly all IT managers reported concerns about security for employee-owned devices – from meeting compliance regulations and securing data, to managing lost or stolen devices. In response to this threat, companies need to ensure encryption of employee-owned devices. This—coupled with the wide range of different mobile devices available that might require different servers to operate—could result in additional costs to the employer. A BYOD policy should clearly state the responsibility of the employee to report a lost or stolen device, including procedures for the company to remotely erase data from devices in such an event. In addition, the encryption of mobile devices is a key underwriting rating criteria for a cyber-insurance policy. The absence of such measures, including a robust disaster recovery plan could result in higher premiums for cyber liability cover. Mitigating the additional risks and potential costs of a BYOD policy should be a priority in boardrooms, rather than left to IT departments to deal with in isolation.
|This post was part of our SPOTLIGHT ON CYBER: Is Any Industry Safe?, published June 25, 2013. The feature also included these other risks:|