BYOD Red Alert: Employees are Your Biggest BYOD Security Threat

With news of security breaches happening at major corporations all over the world, it’s easy for business leaders to start focusing all of their attention on outside threats. Hackers seem to be everywhere these days, so a strategy that heightens network security against cyber attacks is usually a good idea. If your business has adopted bring your own device (BYOD) policies, however, all that preparation for avoiding outside risks may be misdirected. BYOD definitely has its strong points, from greater productivity in the office to having employees with higher job satisfaction, but it also introduces some notable security threats companies didn’t have to worry about previously. The sad fact is that these new threats originate not from outside attackers but from within: the company’s employees themselves.


With business security becoming such an important priority, it’s actually pretty frightening to see a recent security survey showing an astounding 95 percent of IT managers say they’re having difficulty trying to deal with all the security threats out there. That would be tough enough to handle if all those threats came from outside the company, but that’s simply not the entire case. Instead, with the proliferation of BYOD in the workplace, the bigger threats are coming from workers using their own personal mobile devices on the job. The same survey shows that 87 percent of respondents say the company’s biggest threats come from careless employees when they’re on their smartphones and tablets. And when you consider that more than 40 percent say mobile security incidents are costing businesses upwards of $250,000, the problem is as serious as they come.

Businesses dealing with this unfortunate reality have cited a number of reasons BYOD has caused severe security problems. One of the main issues is when personal devices get lost or stolen. When companies enact BYOD, that usually leads to employees storing company data on their devices. When that device ends up lost or the target of theft, that data can end up in the wrong hands. As important as smartphones have become in daily life, some people, employees included, are simply not that diligent in keeping them safe. A careless employee can end up costing your business a lot of time and money protecting that data. There are, of course, ways to handle lost and stolen devices. Remote wiping can be effective when used correctly, but that can lead to serious pushback from employees when faced with the prospect of having the personal information on their phones wiped.

Another big problem affecting BYOD security is that many employees don’t even follow the guidelines set out by their company’s BYOD policy. Many businesses go to great lengths to ensure their policies have effective security procedures for employees to follow, but some workers either choose to ignore or fail to learn about them. For example, most BYOD policies have a standard in place where employees must protect their devices with strong password protection, but this isn’t always followed. According to another survey from BitDefender, while more than 44 percent of workers use a complex password for their devices, about 40 percent have nothing at all. Passwords might be a basic strategy, but they are often the first line of defense against hacker infiltration. To have that many devices unprotected is a serious matter.

Less vigilant employees may also unknowingly introduce viruses and malware into your company’s network. This is a particular concern as more and more people use Android devices. Almost two-thirds of surveyed IT workers say Android devices are riskier than other brands, including Apple and Blackberry. Android smartphones and tablets have become tempting targets for hackers, and the result is an increased risk in security threats. If an infected device were to connect to the company network, the malware could end up spreading to the network and other devices, eventually costing the company a lot of money to fully repair. Adding to the danger is how employees are generally unaware of the malware risks out there, increasing the chances of their devices becoming infected.

When it comes to BYOD security, your company would be better off looking on the inside and focusing on your employees. BYOD still has a lot of benefits to offer, but companies need to go the extra mile in educating and training employees to better handle the numerous security risks they could face. Enforcement of established BYOD guidelines is another excellent way to address security. Only then can businesses proceed to grow with more confidence in tackling whatever threats come their way.