In May 2018 rules come into force that could make it much more difficult for employees to use their own mobile phones, tablets and laptops at work.
The General Data Protection Regulation, an EU Directive which mandates that companies handling data about or on behalf of their clients must appoint a Data Protection Officer, imposes heavy fines for loss of data.
You might ask, what has this got to do with people checking their work emails on their phones or working from home using their own laptop?
There are three main data risks with a allowing a Bring Your Own Device (BYOD) policy; the physical loss of a device, a device being compromised with malicious software, and the transmission of data over unsecured networks.
The easiest way to get around security issues with employees’ devices is to issue them with company owned and managed technology. This means every aspect of security can be controlled centrally, for companies willing to pay for this.
Some companies may ask employees that want to use their own phones, tablets and computers to bring them within the company’s security ecosystem, but such a policy may not go down well with privacy conscious individuals, especially if they are required to access the internet via a permanent VPN.
One simple solution is to allow staff to access information, via webmail and cloud-based applications, if they want to use their own devices. This might not allow the full functionality of BYOD but it is cost effective, and secure combined with measures such as two factor authentication.
The clock is ticking, it is better to speak to an expert now rather than risk a fine in 2018.
