Managing BYOD’s downsides, the right way

For most organisations, bring your own device (BYOD) is now a fact of life. More than 70 per cent of employees use their own smart phone or tablet to access corporate data. However this doesn’t mean we should simply accept the trend and moving on. While many organisations have seen benefit in exploiting employees’ willingness to invest their own money in mobility, others have seen a rise in cost and complexity.

The built-in assumption that organisations will save money under BYOD by sidestepping the cost of devices doesn’t tell the whole story. The price of mobility goes beyond hardware and there are a number of hidden costs under BYOD that mobility managers need to grapple with.

Bill shock

Mobile data consumption is on the rise and BYOD is partly to blame. We are all active creators and consumers of digital content and popular mobile apps make content snacking on data-intensive videos and images tantalisingly easy. Unlike voice calls where you pay by the minute, keeping track of data usage and costs is challenging. Tack on employee roaming, the operator shift to 4G/LTE and faster release cycles for more powerful mobile devices. It all adds up to substantial mobile data bills, and an unpleasant feeling of monthly bill shock.

Depending on their BYOD strategy, employers may be compelled to subsidise the costs incurred but unfortunately bill shock is becoming increasingly common as the costs reach alarming levels.

Complexity breeds vulnerability

Providing IT support for a myriad of different devices, apps, and operating systems is certain to bring management complexity that wouldn’t exist under a policy that limits the number and type of end user devices. That complexity also comes into play when security policies are extended to multiple devices and operating systems.

Mobile platforms are maturing and so are the types of malware being designed to attack them. Advanced persistent threats, browser malware, phishing, data leaks, rogue apps, vulnerable operating systems, poisoned caches and man-in-the-middle attacks are just some of the threats that target data on employees’ mobile devices. Recent research shows that 21 per cent of employers allow employee access to corporate data with absolutely no security checks.

In a tumultuous IT environment BYOD policies can be an easy target for cyber criminals. An employee can inadvertently click on a malicious link, accessed via their BYO smartphone or tablet. That inadvertent click can end up infecting the entire network or the device can be used as a botnet, allowing cyber thieves to steal sensitive data and personal details including financial information, customer lists, and login credentials.

While no organisation is ever completely safe from loss or theft of corporate information, a BYOD environment means securing a dogs dinner of devices, apps and operating systems. Within the constraints of a traditional IT infrastructure, a more conservative mobile device policy simplifies mobile security.

Solutions like a mobile data gateway can help companies itemise mobile data bills for personal and professional use, and enable data compression to extend the data pool. Caps can be set on certain kinds of data, making it easier to successfully reap the productivity benefits of a BYOD strategy.

This kind of system can also provide a consistent defence against mobile malware, rogue apps and phishing threats, regardless of device or operating system.

Stijn Paumen is the vice president of business development at Wandera