Bring your own device (BYOD) continues to be a topic that generates much discussion in the security space. Discussions on mobile security, BYOD and the protection of data while away from a computer are not solely relegated to the corporate space. Any organization that allows employees to use a mobile device to access work materials, or conduct work business of any kind, needs to put some serious thought into the rules and regulations surrounding these actions.
A recent report from the U.S. Department of Defense Inspector Generals Office revealed that the U.S. Military Academy, as well as the United States Corps of Army Engineers Engineer Research and Development Center, are both practicing lax security standards when it comes to the use of mobile devices in the workforce.
The report uncovered that there were no policies in place to manage applications, delete data if a device was lost or stolen and to govern the use of the device as a mobile storage solution for sensitive data. There were also no training standards for employees on how to manage their devices or best practices for protecting private information.
Ultimately, the report found that many of the problems could be mitigated through the creation of a clearly defined mobile device usage policy. Luckily, this report will be instrumental in helping both groups recognize the faults in their systems before it’s too late.
There are many lessons that any business could learn from this report. As we noted in a previous blog post, BYOD is becoming increasingly common – and this is only going to continue in the coming years. No industry or company is immune to the BYOD issues that plague organizations around the world. So when it comes down to it – if your employees are engaging in BYOD you should probably have a formalized policy on what usage is acceptable on these devices. Without adequate security, executive buy-in and staff knowledge there will always be a risk that your corporate information is not being appropriately protected. Constant revising will also help ensure that your regulations are taking into consideration any changes in the technological landscape.
Do you have a security policy in place surrounding BYOD at your office? Let us know in the comments below.