The BYOD risks and pitfalls (Part 1)

For the typical support group, there has never been a greater push from their users to adopt a new paradigm than now with Bring your Own Device (BYOD).  This is not solely limited to users wanting to to connect their personally owned iPhone or Galaxy S III to the corporate email. This is a giant push to allow personally owned notebook computers, tablets, and yes, in some cases desktops, to connect to the internal network and use the resources and data available within the local area network.

This is not going away.  It will become even more ingrained as time goes on, and will become a much larger problem  than what most people will think (OK, security people get this and understand the risk). It is not just the risk from hacking or intrusion on your network. Its also what data is going out the door everyday, potentially unprotected, on your employees personally owned devices.

Think of this scenario:

Richard works for the largest semiconductor company (MCSaint) and uses his personally owned MacBook Air for work.  He has used it since the company adopted BYOD last year.  Since the company doesn’t support Macs officially, and Richard felt he would be more productive using OSX over Windows, he used his personal monies to purchase the MacBook Air.  He has been very productive and he works even longer hours than he did before. Now Richard is being courted by the second largest Semiconductor company (LowTel). Richard decides he could be a larger fish in the smaller pond, so he jumps to the new company and takes his personally owned MacBook Air with him.

In this scenario, Richard casually takes his personally owned MacBook Air from one company to another. All of the work data and product is stored on this system.  Of course he signed an agreement to destroy any data he may have, but over time it does in fact become harder and harder to do so for the typical user, especially with automatic backups to home based NAS systems, nothing is ever completely removed.

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *