Today, of course, it’s expected that we all have our devices within reach, as the convenience of having a communication, data processing and information-sharing tool in the palm of our hands outweighs any fears of time wasting. Moreover, if you are concerned about how your team members utilize their devices while on the clock, then you have not developed, distributed, or most importantly enforced your BYOD policy.
The overwhelming majority of businesses that do have a BYOD plan in place report significant advantages such as increased productivity, less time training staff, and an increase in team satisfaction.
When we think about a BYOD policy, we tend to think of traditional devices such as smartphones, tablets, and laptops. However, if those are the only devices you are concerned about, then you are leaving your business vulnerable. The Internet of Things (IoT) is here and changes how your team interacts with their devices, how devices communicate with each other, and how they affect your business.
Table of Contents
The Internet of Things
The IoT reflects the current state of connectivity in technology today and refers to any device that can connect to the internet. The key word here is “any.” We have grown beyond the realm of devices such as smartphones or tablets. We are now talking about heart monitors, climate-controlled devices for your home, performance devices, your kitchen appliances, your car, and of course the smart speaker on your desk. If they can communicate with the internet and are unsecured, they are a risk to your business.
Developing Your BYOD Plan
With an increasing number of devices connected to the Internet 24/7 and brought to work, now’s the time to consider updating not only your BYOD policy but your internal policies regarding security as well.
Many of the technologies you have in your offices, such as coffee makers, climate control solutions, and other commonplace devices may be part of the IoT. This means they are connected to the Internet and have the potential to be compromised.
Your BYOD plan needs to recognize that the days of only having to worry about the threat of smartphones, laptops, and similar devices is over: the age of IoT has changed everything. As more of your team use IoT devices and increases the number of devices behind your security system, there is a higher chance of someone finding an exploit and getting through to your network. Your updated BYOD Plan should:
- Determine which devices will be allowed access to the network.
- Establish a flexible security strategy that can adapt to the next new thing.
- Develop a system to monitor how/when foreign devices connect to the network.
- Inform your team of your BYOD strategy and your acceptable use policy.
Implement an Updates and Patches Policy
When it comes to smartphones and computers, updates are often ‘pushed’ to the devices, with little to no user interaction needed. This, in turn, creates a ‘herd’ immunity of protected devices, which reduces the number of opportunities for malware to take hold.
Unfortunately, many IoT devices are designed to be replaced by the next important thing, also known as “planned obsolescence.” This means there’s little incentive for companies to provide upgrades. Instead, the burden is placed on the end user to look for any updates or purchase a new device. This practice creates an ecosystem of outdated and vulnerable devices being used by your team and presents a security risk every time they connect to your network.
BYOD brings many advantages to your organization, however in the case of IoT devices, it also brings additional effort. Your IT team must audit any IoT devices for security flaws before they can access the network. If the devices are out of date and unsecured, your team members will have to bring them into compliance; if they are unable to, they cannot be allowed to connect to the network.
Train Your Team
As always, your team is your biggest asset, but only if you give them the information and tools to understand what is required of them and why.
As IoT devices become commonplace, many of your team members may not realize the danger to your network security their devices represent. So, it is up to you and your IT team to develop a modern, up-to-date BYOD policy that includes and accounts for IoT devices and the dangers they represent.
Facing the Future
Your BYOD plan must consider and evolve to accommodate not only how people and devices communicate now, but how they will in the future.
Face it: IoT devices have the potential to expose your network to attack, and their presence will only increase; they are not going anywhere. Please understand this fundamental concept: if the IoT device cannot be secured when on your network, then your network cannot be secured either.
The need to protect computing systems has never been more crucial to your business’s success, and one unsecured device can expose your network infrastructure to cyberattack. IoT devices, particularly those of low quality, are becoming more commonplace. Now is the time to develop a plan to secure your network from this new generation of technology.
