By Allie Philpin
The independent, global information security organisation, the Information Security Forum (ISF), the risk of data loss and IP theft shows that enterprises need to ensure they have a strategy in place when it comes to mobile devices in the workplace. The ISF, considered a leading authority on information risk management, cyber security and security breaches, believe that businesses who push through BYOD (Bring Your Own Device) strategies too quickly, they fail to consider the risks involved, thereby exposing their companies to not only unknown, but also unnecessary risks. To make sure that any BYOD policy works, risk management is an absolute must and should be a key element in the foundation of any such program.
Currently, 88% of consumers using personal mobile devices for personal and work reasons, according to PwC’s global survey; add Gartner’s prediction that 50% of employers will stop providing employees with devices by 2017 and expecting them to bring their own, this opens up mobile device risk even more. For your enterprise to be ready to accommodate any BYOD program effectively and with the lowest possible threat of security breaches and/or data loss, it is crucial that the risks are not only considered but managed, too.
CEO of ISF, Michael de Crespigny said: “The use of personal devices to store and process sensitive information continues to rapidly affect the way we do business, meaning organisations are easily exposed to new and more complex threats from stolen, lost or destroyed data, malware and other attacks if the device is not securely used and protected.” He added: “By putting the right business practices and usage policies in place, organisations will benefit greatly from the flexibility, increased productivity and reduced costs that mobile devices can bring to today’s workplace, while minimising exposure to potential security risks.”
The ISF’s report, Managing BYOD Risk: Staying Ahead of Your Mobile Workforce, provides an approach to BYOD implementation that is information-centric and highlights key considerations:
• Explain how to take a risk-based approached.
• Identifying key risks with BYOD implementation.
• Provides guidance to implantation.
• Shows leading practices as a process including controls, key actions and business operation recommendations in order to prepare for the deployment of BYOD.
• Explaining the use of the BYOD Implementation Tool and how it can help to support a BYOD program’s deployment.
De Crespigny explained: “Our latest report provides ISF members with guidance on the implementation of a successful BYOD program, and how organisations can quickly, and easily, identify the risks and threats associated with BYOD programs.”