The day after you get your shiny new mobile or tablet, chances are you’ll take it right to work and request the IT department to set it up with your work email and allow access to the company network. “Bring your own device” (BYOD) has become widely adopted to refer to workers bringing their personal mobile devices, such as smartphones, tablets and PDAs, into the workplace for use and connectivity.
Many of us need a mobile device for work and personal use and don’t want to carry two separate devices, but this can cause security challenges for the company. If you lose your mobile device while on vacation, let your kid download an app which infects your phone and starts spamming your address book, or someone accesses your company email while you’re using a public Wi-Fi connection, this can have big implications for your company in terms of a data breach, loss of intellectual property, public embarrassment and annoyance.
That’s why mobile security should be a priority for both you and your employer. As an increasing number of companies agree to this, they are also requiring you to agree to their terms as well. So you should expect to have to comply with some things like:
- You may required to download and install a security and monitoring app that can’t be removed. This app may have a certificate authenticating you and the device to connect to the company network and run company programs.
- The installed app will likely provide your company with the ability to remotely control your mobile at some level. I wouldn’t be concerned about this unless of course you’re not abiding by the agreement you signed.
- At a minimum, expect the application to have the ability to locate your mobile via the phone’s GPS if it’s lost or stolen, as well as an autolock functionality requiring you to lock your phone locally after 1-5 minutes of downtime. Also, your employer will likely be able to wipe your mobile of any and all data..
Because your employer is liable for potentially lost data, if you BYOD, plan on giving up some liberties.
Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)