Why BYOD is bad for most small businesses
BYOD is an acronym for “Bring Your Own Device” – its an approach that a business can take that allows their staff to bring their own computer to work instead of using the company supplied one.
The benefits of implementing a BYOD policy usually mentioncost savings to the business in relation to saving on asset costs and increased productivity and happiness for the staff member working with a computer that they like or are use to.
Maybe your business uses Microsoft operating system and a few staff members want to use MAC – BYOD allows this to happen.
However – in regards to business security and protecting your business from attack this is an absolute nightmare!!
If you have children and a family computer you might have already had to clean out junk software that the children have downloaded and even somehow got the computer infected with multiple forms off malware and other nasties. Now imagine taking that same computer to your work and plugging it into your business network.
Would you be worried that you have just added a possibly infected machine into your network that could have the potential to infect all the other computers and expose your business systems and data to abuse?
No matter how many times you remind the BYOD staff to practice good computer security and attempt to enforce your business security policy (I bet you don’t even have one) you are running a massive risk with BYOD.
To implement a safe BYOD policy into your business not only do you need clear rules within your security policy but you need software to detect any abuse or infection coming into the network. You also need “guest loading zones” within your network to first check the device is clean before allowing it access to your network.
Are your eyes glazing over yet with all this techie talk and waffle on security policies? Can you afford this effort and cost just to let your staff use their MAC?
Our policy is to never – ever allow personal devices to connect to our business network – its not worth the risk to our business potentially adding an infected machine. We just don’t have the time to identify all the risks involved and all the controls we would need to add just to protect our systems and data. Imagine what this would do to your insurance policy for claiming costs for a security breach?
For now leave the BYOD for the larger businesses that can afford the extra protection required to support this new fad.