The 'Bring your own devices (BYOD) to work' trend is fast catching up with the Indian IT community, where employees are now being permitted /encouraged to use their personal mobile devices to access corporate information while on the move. The sudden surge in the availability of moderately-priced high-tech laptops, tablets, net/notebooks and smart phones now make it easier for working executives across all sectors to catch up with work anytime of the day, irrespective of their location.
Studies and surveys across the world have revealed a popular opinion that using personal devices would in fact increase the comfort level of the employee and directly influence productivity. While cost-savings on infrastructure, training, hardware, and software ensue from this trend, it also serves as the origin of unknown, diverse security threats. Employees in fact will be using the same device for both official and personal purposes which may expose the corporate network to a whole new set of varying security threats arising from each personal mobile device. Another important factor is the unlimited availability of corporate data, and contact information that may reside on each device. A single compromised system on the network or a stolen device could result in serious damage in terms of data loss and misuse.
Internet access from computers at the workplace is usually discouraged, except for a few privileged roles or select websites. Companies usually follow strict security measures to monitor known parameters associated with the limited access. With personal devices being introduced into the network, security becomes a mutual responsibility of both the employer and the employee. Employees will certainly have to be highly aware of the consequences of accessing a given website or downloading applications from the internet.
A survey by Information Systems Audit and Control Association (ISACA) conducted late last year has brought forth interesting results. About 92% of the surveyed IT workforce are of the opinion that at least 2-4 working hours are being spent on online shopping and internet browsing etc. during which they are bound to reveal addresses, contacts, mail ids and even their location details, which may prove costly when in wrong hands.
According to a Gartner report, enterprise mobility seems to be the key focus area of this year for about 30% of large organizations across the world, while a Forrester Research has predicted that about 60% of the IT workforce will be going mobile during their regular work hours. With high-tech mobile devices flooding the markets at more economical prices, increasing consumerization of IT that brings technology first to the end-user, and the need for companies to go mobile to improve service levels and returns, it is only apt that more stringent device management processes be put in place to strengthen the security of corporate networks and their data.
Security concerns related to mobile device adoption can be addressed by appropriate use of mobile device management software to monitor all devices (personal as well as company-owned) connected to the corporate network and segregate personal data from classified information. Companies should also restrict the kind of personal devices used, reimbursable costs and access to data and resources in order to control unauthorized access to sensitive data. Security concerns related to mobile devices is not limited to corporate houses; Each and every device owner unless well-informed of the risks, is prone to data theft and misuse.
About the author : Lakshmi.A is a Contributing Editor for TradeBriefs. She can be reached at