BYOD and Its Risks to Network Security

by VPNHaus | 06/04/2014

In the not-so-distant past, when enterprises lacked ubiquitous high-speed Internet connections and the means to provide employees with remote access, organizations were far more likely to enforce strict working hours than they are today. After all, work wouldn't get done if employees weren't present.

Mobile technology has since enabled the growing trend of remote work, allowing employees to work from anywhere at any time. As a result, many employers have become more flexible in their expectations of employees and in their definition of "the workday."

But, where they shouldn't be more flexible, and where many are actually falling behind, is in the governing of how employees use personal mobile devices for work purposes and their remote access to the corporate network.

Are Employees Bringing Their Own Security Problems, Too?

Bring-your-own-device (BYOD) is now more of the norm than a new, disruptive trend. According to a new study by Gartner, more than half of the 995 employees it surveyed said they use their personal devices for work purposes for more than an hour each day. For companies, every second that sensitive information is leaving the corporate network, it could be exposed.

In a perfect world, employees would never experience security problems with their personal mobile devices while using them for work purposes, and 100 percent of those few who did would report incidents to the appropriate personnel at their company.

The reality is vastly different.

Gartner found that about one-quarter of users have had a security issue with their personal mobile device at work, and only 27 percent of these victims have reported the incident.

These numbers suggest that organizations still have a long way to go to manage BYOD, and that new approaches and technologies are required to protect business data accessed via employees' mobile devices.

Central Management to the Rescue

Enterprises are increasingly seeking to implement remote access solutions with central management capabilities to manage VPN configurations, certificates, and network and firewall policies, and prevent sensitive data from being exposed whether unknowingly by employees, or by hackers with malicious intent. With myriad operating systems and devices to support in a BYOD environment, IT administrators are searching for cost-effective solutions for securing remote access to the corporate network while enabling workers to be productive.

With a centrally managed VPN that works on all types of devices an employee might have, IT administrators can ensure that all endpoints connecting to the corporate network are policy compliant and automatically roll out VPN software updates to all employees. Also, if a breach occurs, immediate steps can be taken to revoke access to the network down to the device level. IT staff, then, gain a powerful tool that helps to fill the gap left by unreliable employee self-reporting and keep the corporate network secure.