BYOD For Small Business
Do you have a firewall? Do you have user permissions setup? Should you? As a small business owner busy with the day to day tasks of running your business, you don’t have time to stay current on changes in IT threats. We get it.
So it was no surprise to us when in a recent study performed by the SANS Institute on Securing Portable Data and Applications for a Mobile Workforce, it was found that organizations are lacking IT security and control over their BYOD and mobile workforce.
BYOD is Bring Your Own Device and it refers to when a business allows an employee to use their own computer, laptop or smartphone to access company files and data.
Employees that work from home, work remotely, or freelance on multiple projects using their own devices are all referred to as members of a mobile workforce. While there are many benefits to a mobile workforce, IT security has proven to be difficult. So why do you care?
Well, you may care because IT threats against small business have been steadily rising. New threats such as crypto locker are emerging. And experts say that many breaches are preventable but users don’t do the basics, which makes a great case for managed services – having a dedicated IT support company taking care of the basics for you.
Let’s quickly look at some stats and stories.
Mobile Work Statistics From The SANS Report
- 43% do not manage the desktops used by mobile workers creating a higher data security risk
- 30% of employees access corporate resources from unmanaged PC’s, which equates to a big risk of key logging and other data copying malware
- 25% do not have any controls or user permissions in place
- 13% encrypt data on USB keys – the other 86% risk data breaches or theft when USB keys are lost or stolen
- Download the entire PDF report here
Ask yourself, where do you fall within these stats? What would happen if your data was breached, deleted or stolen today?
You probably drive your car every day and never worry about being hit, until you’re hit. It’s the same with data breaches. You don’t think it will happen to you until it does. The good news is, there is a lot you can do to prevent a breach. You just may need to hire a little help, and that’s ok.
Small Business Employees Logging On Remotely – How Safe Is It?
In my own experience as a former dental practice manager, I saw mobile workforce security problems first hand in an office I worked at, whereby a free remote desktop software platform was given to any employee who wanted to “work from home”. This meant that all confidential patient records were accessible from the employee at home – or anyone else using their home computer.
The larger problem was a lack of security control and antivirus on those home computers. Malware infected computers could expose confidential data to cyber criminals.
I am happy to say that after raising the concern, the owner stopped remote access for everyone except a few key members of the team. Security was reviewed with them, and they were reminded of the data privacy clauses in their employment contracts and prompted to update their computer security at home. These were all steps taken in the right direction. To take it to an even safer level, as a business owner, you should manage any offsite computers your employees use to access your company data. Safest yet would be to have a small business IT support company manage both your in office and off-site computers for you if your primary business isn’t in IT.
The Small Business BYOD Bully
A few months ago, we had a young company call us to inquire about managed services for their team. Managed IT Services provide proactive security updates, user permissions, a firewall and better spam and threat filtering, and overall better network security and data protection.
The new company loved our plan and prices, but they didn’t proceed.
Here’s why: this young company had 2 marketing consultants who loosely worked with their team and had complete access to all their confidential documents. Those two consultants didn’t want any user permissions on their computers because they used their computers to freelance with multiple clients.
We explained to the young company that the fact that the consultants used the same computers to connect to multiple networks, and that the computers didn’t have basic security provisions on them, and that we know nothing about the security of the other networks, all posed a significant network security threat. We explained that you cannot properly secure a network with two wild cards on it.
[bctt tweet=”…you cannot properly secure a network with two wild cards on it.” username=”tucutech”]
The consultants kicked up a storm and the fledgling company caved to their demands. They felt they needed marketing guidance more than computer security. It shouldn’t a be this or that decision. If you need marketing help, hire consultants who will work within good BYOD and network security protocols. Don’t forgo computer security to meet the demands of your marketing consultant. In these days of near perfect phishing attempts, crypto locker network viruses and a steady rise in computer security attacks against small business, solid network security is a must.
So while the statistics in the SANS report are shocking, at the same time, they are not surprising to IT professionals. We don’t want to sound like alarmists or Debby downers. We simply want to acknowledge that while cyberthreats are growing fast, there isn’t necessarily a corresponding rise in network security in the small business realm.
[bctt tweet=”…while cyberthreats are growing fast, there isn’t necessarily a corresponding rise in security.” username=”tucutech”]
Hopefully the report and continued increased awareness will lead to more small business owners seeking out professionally managed network security.
BYOD & Network Security in Toronto
For network security solutions in Toronto, call on TUCU. We have been designing and installing servers and networks since 2003. We offer computer support, IT Consulting, network security reviews and upgrades, as well as Managed IT Services in Toronto and Durham Region. Our small business IT consultants and technicians are here to serve as the IT Department your business is missing.