Even before the Covid pandemic forced a mass acceleration of the shift to remote work, 67 percent of us were using our personal smartphones for work. For employers, the BYOD (Bring Your Own Device) trend has seemed like a huge win. After all, according to Cisco, BYOD generates $350 in cost-savings per year per employee, and studies show that employees who BYOD put in an average of two extra hours of work per day.
And overall, teams tend to prefer using their own familiar tech, despite the fact that — in practice — BYOD has led to even greater blurring of the line of demarcation between our private and professional lives. Even off the clock, the average employee is continuing to answering emails and review documents on their commute home or before bed at night.
So it’s no surprise that nearly 70 percent of business IT decision-makers in the U.S. say that BYOD is a good thing. But too often, business owners enamored with these benefits end up glossing over the risks of opening up corporate resources to access by many different unregulated personal devices and the potentially malicious applications that live on them.
We say it every day: for all the value your talented team brings to your business, as end-users they are indeed the weakest link in your IT security chain. To mitigate risk, companies should not only be implementing security awareness training and consulting with their IT experts to craft BYOD policies, they should also make common-sense device best practice reminders a regular part of the team environment. Let’s look at a few of the basic smartphone security practices you and your team should be keeping in mind.
Be mindful of your phone’s location
Mobile devices are obviously lost and stolen much more easily than desktop computers. Since we tend to keep our smartphones more or less in our hands all day along, we are forced to put them down in some sketchy places throughout the day. Think subway benches, bathrooms, restaurant tables — places where they’re easy to steal and easier to lose. And when it happens? There goes all your (and maybe your company’s) confidential data.
Phishing: Don’t take the bait
We’ve all gotten emails from a Nigerian prince who has become the star of our jokes, but phishing has actually become frighteningly more sophisticated and easy to fall for. A smartphone user is more likely to fall for a phishing scam on two accounts. First, the chance of receiving phishing links is much higher on messaging apps like Whatsapp and Facebook Messenger. Second, the small screen size makes it difficult to clearly verify the authenticity of the site being visited. Be especially careful when downloading data and even 3rd party apps on your phone. Double check URLs when browsing online using your phone and don’t click on texts or any messages with links that seem malicious. Remember the universal truth that things that seem too good to be true almost always are. You probably (definitely) haven’t won the Irish lottery — or even the $50 gift card “Amazon” is asking you to claim via text.
Skip the free WiFi — unless you’d like a side of malware
We’re a busy culture. And because we are on the move all day, the fact that the grocery store, the coffee shop, and the airline lobby have free WiFi makes all of us happy… but nobody more than the malware distributor. Just as we need to take all possible measures to prevent ourselves from catching Covid or the flu and infecting everyone in the workplace, your mobile device is a vector for a malware infection that can bring down your company’s network.
Use security protection technology on your devices the way you would on your office workstation.
Your IT management team should be implementing protections that extend to all devices that utilize company networks or have access to company data. For example, for our own Level5 clients, we install our management agent on every device that needs to directly connect to company resources. Just as you prevent misuse of your debit card with a PIN number, we ensure BYOD devices are protected with passcodes that prevent access to your data. Our RRM application also allows us to wipe all company data from smartphones remotely in the case of a lost or stolen device. And we help our clients craft the company BYOD security policies necessary to keep their businesses safe.
As businesses continue to adopt BYOD, it’s important that business owners fully appreciate the importance of keeping their companies and their brands safe — as well as making sure their employees know how to do the same.
Need to discuss BYOD, your business’s IT security, or any other IT service need? Our team isn’t just a roster of talented tech experts – we’re pretty good conversationalists, too! You can call us directly at