Bring Your own Device refers to the use of private end devices at work. Usually, this means smartphones, tablets and laptops.
What does BYOD mean in detail?
The most important feature of BYOD is the mixing of professional and private use. This can lead to a rise regarding cyber risks for the company in question.
For example, a privately used device may not be updated as quickly as the company IT. As a result, security vulnerabilities that get detected remain on private devices for longer and can be exploited by malware. This malware can then spread throughout the company via e-mail or the next time the user logs into the company network.
Programs that run on laptops are also often an issue when it comes to BYOD. This is because they can also have an impact on the company. For example, if a program of dubious origin is installed on a laptop or smartphone that is also used for work. If it turns out to be a malware program, it may also spread in the corporate network.
The issue of data protection – more precisely: the protection of personal data – must also be taken into account with BYOD. For example, a private smartphone on which work e-mails are also kept can get lost, stolen, or briefly handed to another person. In all these cases, unauthorized third parties potentially have access to the work e-mails and the personal data they contain.
In addition to smartphones, tablets and laptops, many other private devices are finding their way into everyday working life. For example, a smartwatch may access the company’s wifi. Or while working remotely, the private fitness tracker or e-reader is charged via USB on the laptop, which is also used for work. The more complex these devices become, the more important it is for companies to take them into account in the context of BYOD.
How does BYOD affects employees in their everyday work?
Just a few examples of BYOD:
- Professional e-mails are checked on the private smartphone.
- A presentation travels from the office to home on a USB stick and is revised back again.
- In the pandemic home office, the private laptop replaces the company desktop computer.
- Work-related phone calls are also handled on the private smartphone
What can I do to improve the company’s safety?
In principle, every company should have clear guidelines for BYOD. In other words, how the company itself deals with the issue and how its employees should deal with it. The clearer the guidelines, the better all those involved can stick to them.
Companies that do not yet have a BYOD policy should establish one in consultation with their IT department, their external IT service provider or a specialized IT security company such as Perseus.
The following applies to employees: If devices used for work and private purposes are not yet an issue in your company, act proactively. Follow the basic rules for increasing cybersecurity:
- Always activate the screen lock when you are not working on the device
- Protect each device with a password, PIN, fingerprint, facial recognition or similar
- Install updates immediately
- Ensure password security
- Keep backups
- Make sure new software and apps are from a reputable source
- Use virus scanners, e.g. to check USB sticks before use.
Be wary of phishing attacks in both your professional and private life and be critical of e-mails, attachments and links
Derive from a shortened form of the English word “robot,” “Bot” refers to the IT version of a robot: A computer program that automatically and independently performs certain tasks.mehr lesen
Backup means “reinforcement, protection” and means a backup copy in IT. For companies, backups of their computers, servers and especially the stored contents are very important, because in the case of data loss or damage, current backups allow the fastest possible return to normal operation.mehr lesen