SUCCESSFULLY NAVIGATING THE BYOD MODEL

SUCCESSFULLY NAVIGATING THE BYOD MODEL

When a company decides to permit or mandate that workers use their own devices for work-related purposes, it is known as a "bring your own device" (BYOD) policy.

A. Security Risks and Privacy Concerns

This policy, which has become even more popular in a post-pandemic world, has given rise to security risks and privacy concerns, such as-

● Losing a device: The company runs the danger of a security breach if an employee loses a gadget that he uses for both business and personal use, or if it is stolen. Devices that are lost or stolen are a common cause of corporate security breaches. When an employee loses or has his personal device stolen, the company data on it may be jeopardised.

Loss of information: Employee error can also jeopardise the security of data and devices. Using insecure WiFi networks, not password-protecting a device, and enabling Bluetooth discovery on the phone are all bad practices. Each of them raises the possibility that an unauthorized person will access possibly sensitive data.

The security of devices and data is also threatened by malicious software (malware): People may unintentionally download a harmful programme, click on a harmful link, or fall for a phishing scheme. Even though some applications, such peer-to-peer file sharing ones, may not be dangerous in and of themselves, they may allow unauthorized users to access information on a user's device, making any company data that may be present there vulnerable.

The use of BYOD has led to data breaches. Untrusted individuals could access any unsecured data on a smartphone, for instance, if a worker uses it to access the workplace network and subsequently misplaces the phone. When an employee leaves the organisation, a security breach happens because they are not required to turn in their device, therefore company applications and other information could still be on it.

Additionally, consumers could fail to erase important data prior to handover while selling their devices. Family members may share devices like tablets; a child playing games on a parent's tablet could unintentionally email or share important information using another service like Dropbox.

B. BYOD Management

When an employee chooses to use his or her own device or when the employee installs an employer's mobile device management (MDM) software on his or her own device, BYOD policies (or terms affecting how an employee uses a personal device for work-related purposes) may be mentioned in an employment contract, orientation materials, employee manual, or when the employee chooses to use his or her own device.

Employers must put policies and corporate procedures in place to protect sensitive data and lower their risk of legal liability. Employers should strike a balance between BYOD and employee privacy. The following are a few examples of what a BYOD policy might include for employees.

When an employee chooses to use his or her own device or when the employee installs an employer's mobile device management (MDM) software on his or her own device, BYOD policies (or terms affecting how an employee uses a personal device for work-related purposes) may be mentioned in an employment contract, orientation materials, employee manual, or when the employee chooses to use his or her own device.

Employers must put policies and corporate procedures in place to protect sensitive data and lower their risk of legal liability. Employers should strike a balance between BYOD and employee privacy.

No alt text provided for this image

1. Google’s privacy-focused ad tracking solution out for Beta Access

No alt text provided for this image

Google 's Privacy Sandbox will protect privacy while giving app developers the resources they need to run and expand their companies.

In addition to limiting data sharing with other parties, it will develop new solutions that work without cross-app identifiers, such as Advertising ID. Read More


2. PeopleConnect Servers, including Instant Checkmate and TruthFinder servers breached

No alt text provided for this image

PeopleConnect , a provider of background check services, confirmed a data breach that resulted in the online disclosure of over 20 million user records.

Records from accounts created between 2011 and 2019 were exposed, and the incident affected users of TruthFinder and Instant Checkmate. Read more


3. Security Breach at Reddit, Inc. , No Serious Breach

No alt text provided for this image

By means of an advanced and complex phishing mechanism, hackers were able to breach the security detail of a Reddit, Inc. employee, gaining access to some confidential information of the employee as well as some documents and algorithms.

No confidential information pertaining to users such as social security numbers, security pins, credit card details were affected. This incident was brought to attention by the affected employee first. Read more


4. Europe Paving its way to the Data Act

No alt text provided for this image

By means of introducing the Data Act, the EU would allow every citizen in the union to access the data generated by a user while utilizing the services provided by a digital service provider and allowing the individual to have autonomy pertaining the sharing of data. This legislation shall be focusing only on ‘non-personal data’ for now. Read more


5. New Bill Passed in Australia which will enable consent over Targetted Advertisements and Erasure of Data

No alt text provided for this image

In 2022, the Australian government passed a Bill which increased the amount of penalties for data breaches, thereby providing citizens with additional control over their sensitive information, including the choice to deny targeted advertisements, erasure of data and litigation with respect to serious breach of privacy. Read more

Emesu Stella

legal Assist at Inter projeckts Ltd

1y

Very good program

Like
Reply

Sarah Armstrong-Smith Alexandre BLANC Cyber Security is BYOD future proof? in HIPAA environments only some C Suite employees are allowed BYOD and even then they have to give them first to the IT department for them to make sure they are compliant while in use on premises. What am I missing guys? Alex, what does ISO2007 say? Sarah, you guys still have BYOD in corporate?

Like
Reply

To view or add a comment, sign in

Insights from the community

Others also viewed

Explore topics