Does it make sense for employers to have a “bring your own device” policy and allow employees to use their own electronic devices for work? There are potential savings (the employees buy the device) but there are ongoing security threats that you must address. That gets more complicated when employees use their own devices.
Devices and Who Owns What
Working from home became the default during the COVID-19 pandemic for those of us who didn’t need to be at or do something in the workplace physically. Your company may continue down that path or now have a hybrid schedule where office and home time are split. With work performed in multiple spaces, technology needs to be mobile. Your company could allow employees to “bring your own device” (BYOD), or you could supply them.
Those devices can include laptops, Chromebooks, and smartphones. As smartphones become more capable, more business may be conducted on them. Depending on the model used, it may go beyond checking emails and making phone calls.
If your company goes down the BYOD route, the hardware would belong to the employee, but the data, documents, and software on it would belong to you. That device would be a doorway into your company’s most critical operations. Your employee may intentionally abuse that access or mistakenly allow others to do so.
Is Allowing BYOD Making Your Business More Vulnerable to Security Threats?
When a worker connects their devices to your network, security breaches are more likely, according to the University of North Dakota, and each device using your network raises the possibility of a security breach. Your employee may unknowingly have malware and viruses that can spread to your system, threatening a loss of personal and financial information. Ransomware may also end up on your network, blocking access to data until hackers are paid (and even if you pay, there’s no guarantee the criminals will live up to their word.)
If you allow the use of personal devices, company policy should include the following guidelines:
- Employees can only access the parts of your system that they need to do their jobs
- There should be two-factor authentication for devices
- Employers should do risk assessments to find vulnerabilities
- Employees should use complex passwords that change regularly
Hackers aren’t the only issue you need to worry about. Physical security can also be a problem. If the device breaks and needs repair or replacement, who pays for it? If a device is lost or stolen, your company and your customers may be at risk if your network is still accessible through the device or if valuable information was downloaded onto it.
Employees May Not Want to Use Their Own Devices
Security is a two-way street. If your company wants complete access to a device, employees may lose their privacy. They don’t want your IT department going through their photos, finances, health, and contact information. If the device is turned over to your company to “wipe” business-related info, personal data may be lost too.
“Wiping” a memory device may not be enough to ensure it can’t be seen or used again. Devices should be physically destroyed to make sure no one will access them. Will an employee consent to having their laptop taken apart and the memory device shredded? Will your company or your employee pay to replace it?
You Can Trust TITAN Mobile Shredding to Keep Your Data Safe
You may find buying devices and taking complete charge of their security and upkeep the better long-term option. It will have more upfront costs, but the improved security and decreased hassle may be worth it in the long run.
TITAN Mobile Shredding’s hard drive destruction process ensures that each hard drive is destroyed and its data is unrecoverable. We oversee the entire procedure from start to finish. We serve the needs of businesses and residents in Pennsylvania, New Jersey, and Delaware.
Call us at (866) 848-2699 or use our online form to discuss your needs and how we can help. We can customize our services at a price you can afford.