Image: Shutterstock/gustavo-frazao

We use our mobile devices for everything. Whether we’re ordering takeout or communicating with our loved ones, our mobile devices handle it all. It’s for this reason that mobile device usage continues to grow across the globe.

According to data presented by Stock Apps, the number of people using mobile phones hit nearly 5.3 billion in July, which is 67% of the world’s population. This number is even higher when you drill down into users who are simply using some form of connectivity, including Internet of Things (IoT). Between June 2020 and July 2021, this number rose to 10.4 billion globally.

A large contributing factor in the growth of mobile device usage is the effort businesses are putting forth to make remote work a continued possibility for their employees. This includes allowing employees to use their own devices to access company data.

Unfortunately, more mobile devices on your network can lead to serious cyberattack threats without heightened security measures.

More devices = more threats

Bring-your-own-device (BYOD) practices are becoming increasingly popular for businesses—and for good reason. For example, BYOD practices provide cost savings for employers looking to cut costs. According to a study by Repsly and HubSpot , a company with 500 employees could see $1.5 million in savings per year by implementing a BYOD practice.

Of course, more employee devices on your network leads to serious security challenges. For example, personal apps could intermingle with business data stored on your employee’s device. If that app is hacked, so is your data. 

Another issue lies within the management of these devices. Your IT team should be able to quickly revoke access or be alerted when security concerns arise. This can be difficult when personal devices are involved.

It’s true that each mobile device has a certain level of built-in security to ward off cyberattacks. However, it’s not enough. There’s an industry-wide need for a better solution for protecting devices from cyberattacks—and some organizations already have solutions in the works.

Researchers at the University of Missouri’s College of Engineering recently received a two-year, approximately $500,000 cybersecurity research grant from the NSA to develop a flexible, add-on security feature that allows different types of smart devices to learn from past attacks. The solution will also require minimal need for human intervention and include a collaborative network for the developers of mobile devices. As a result, they may share solutions to better respond against future attacks.

Appropriate mobile device use for employees

Until the brilliant minds at the University of Missouri complete their research and a solution is finally released, businesses must rely on available security measures. This includes educating employees on what’s appropriate and what isn’t when it comes to BYOD usage.

For example, employees should not:

  • Use personal or recreational apps while connected to company networks
  • Attempt to change or disable device security settings set by the IT department
  • Discard previously authorized devices until the IT department decommissions them

It’s not enough to rely on the security built into each device, nor is it enough to hope your employees use their heads when it comes to mobile security. Instead, businesses must take action to prevent data from falling into the wrong hands. These TechRepublic Premium resources can help.

BYOD Approval Form

Each personal device should be approved for business use before any data is shared. A BYOD Approval Form ensures your employees understand the risks and obtains their acknowledgment of your policies before approval. This sample form will get you started in developing your own.

BYOD (Bring Your Own Device) Policy

For proper security, you must establish guidelines for the usage and control of all employee devices, including what these devices can access. You and your employees should also understand the necessary steps to take in the event of loss, theft, or employment termination. This BYOD Policy describes these steps in detail as well as employee responsibilities.

Mobile Device Security Policy

The same heightened security measures must be put into place for company-owned devices too, including laptops, tablets, and phones. This Mobile Device Security Policy includes steps you and your employees should take to secure these mobile devices and prevent data loss in the event of loss, theft, or breach. And it’s customizable to fit your business needs.

Mobile Device Computing Policy

Quality mobile security starts with your employees and IT department understanding the right and wrong way to use mobile devices for work. This Mobile Device Computing Policy includes stipulations for both company and employee-owned devices and requirements for users and IT departments responsible for provisioning and managing mobile devices.