On my first post of a couple of months ago I spoke about Windows XP and was it an end of an era. One very important thing that resurrects that post is the growing trend of BYOD (Bring Your Own Device) to work.
BYOD is used by lots of companies to save money as they allow their employees to use their own devices for work purposes. Devices that are used in BYOD are desktop or tower computers, laptops, tablets and cell phones or mobile phones.
At first glance it seems like a great idea until you realise the security implications that come into play. Security implications that if not properly dealt with can cause major headaches.
If you work from home there is a good chance that you will be using your own computer. If the computer you are using is a desktop or tower there is a very good chance it will be running Windows XP as its operating system. If you use a laptop it will probably be using Windows Vista, 7 or Windows 8 (if the laptop is less than 8 months old) as it’s OS. It is highly unlikely that the laptop will be using Windows XP.
As I have mentioned before Windows XP can be a nightmare when it comes to making sure it is secure, as patches are no longer available since mainstream support was stopped earlier this year. Users of Windows XP can’t not use Internet Explorer 9 or above and certain websites or cloud based software only work with Internet Explorer.
If different devices are brought into the workplace there is more chance of malware and viruses spreading. Heartbleed has also not gone away and you will recall in an earlier post I mentioned how widespread it still is and that it also affects Android devices running Jellybean 4.1.1.
According to a report by Forbes earlier this year 97% of all malware on smartphones last year were on smartphones running on Android with the remaining 3% coming from smartphones running on Symbian. Smartphones running Apple’s iOS, Blackberry’s OS and Microsoft’s Windows Phone OS had no issues.
Most of the malware was downloaded from non-official Android Stores, so always use the Google Play store when downloading apps. By only using the Google Play store you are heavily decreasing the chances of your smartphone or tablet getting infected.
I have not mentioned Apple computers or computers running Linux as most of the software run in workplaces are not compatible with them. The majority of computers used are ones running Windows and they are the ones that are more likely to cause issues.
If your workplace is contemplating introducing a BYOD police or already has one then it should also bring in some guidelines. These guidelines will help safeguard your I.T. infrastructure and data from being corrupted, deleted or stolen.
Some suggestions for a BYOD Policy include:
1. Any computers running XP should use either Firefox or Google Chrome as their browsers. If they can’t run the latest version of Internet Explorer and it is needed, then their computer can’t be used.
2. There are so many versions of Android devices available that it’s hard to keep track of them,
3. It’s harder to police an employee’s laptop if it was not company issued and they may not have any anti-virus software or use the anti-virus software that is standard company issue.
4. If it’s hard to police an employee’s laptop, how do you know what they are downloading or viewing on it.
5. Invest in software that mimics BES (Blackberry Enterprise Systems) on iPhone, Android & Windows phones and also install Citrix virtual clients on all tablets. This makes the devices more secure.
6. There have been numerous cases were laptops have been misplaced or stolen with important data on them. With a BYOD the risk of this happening could be greater and who else may have access to it? Make sure all BYOD are encrypted with data backed up on a regular basis.
With so many potential devices different devices accessing your companies network and or Wi-Fi, you have to make sure the risks are minimised. No network is guaranteed 100% secure but by taking the right precautions you can lessen the chance of anything happening. As I also mentioned encryption and regular back up of data is a must.
Provided you have a proper BYOD policy, then allowing BYOD can be a good idea. It can save money as the company is not supplying and replacing hardware. As an employee the downside is that you may be asked to pay for any extra software like Citrix Virtual clients. Also if you are encouraged to BYOD will you have to pay for new hardware, if what you have does not meet company BOYD requirements.