BYOD, bring your own device, has become increasingly popular as more companies have started adopting hybrid work models. According to an HP Teradici Security Report, 48% of 8000 respondents said their companies were using employee-owned devices for work. 74% of respondents felt that BYOD use would be increasing.
There are advantages to employees using their personal devices for work, such as fewer overhead costs. But there is a major downside to this BYOD trend – devices are increasingly vulnerable to cyberattacks.
How can BYOD policies be conscious of security issues? What are the experiences of people from different industries adopting BYOD? We look at the findings from the security report, as well as what a few experts from M&E and beyond had to say.
BYOD is a policy adopted by some companies that allows employees to use their personal devices, laptops or desktops, tablets or smartphones, to access company servers, files and data.
According to our findings in the security report, there has been a rise in BYOD use among all the industries we surveyed. The highest was seen in the Education sector (69%), followed by Finance (50%). IT & Technology (45%), Government & Military (43%), and Healthcare (40%) have a mix of corporate and employee-owned devices. Media & Entertainment (39%) had the lowest interest in BYOD, preferring corporate-owned devices.
Saker Klippsten, CTO of Zoic Studios/ Zoic Labs spoke from personal experience, during a webinar entitled Securing the Hybrid Workplace in 2022 and Beyond, about his organization’s move away from BYOD. As a result of security concerns raised early in the pandemic, Zoic switched from BYOD to a strict policy of corporate-managed devices.
There are reasons for the increase in BYOD use – employees prefer using devices that they are familiar with. Additionally, BYOD increases productivity – not being tied to a device in your workspace allows employees to work anywhere.
For businesses, BYOD equates to fewer operating costs. Companies don’t need to budget for separate devices for each employee, or peripherals.
But as convenient as BYOD is for both employees and organizations, personal devices have fewer security measures, leaving them vulnerable to cyberattacks.
Companies do not have control over how and where data is being accessed on BYOD endpoints, nor can they manage the applications on devices. Corporate files saved locally are even more at risk.
For companies adopting a hybrid work model, employees will also be commuting with devices, which adds another layer of vulnerability. 53% of respondents to the survey said employees would be commuting to the office with either BYOD or corporate-owned devices, with the highest proportion being in the Education sector (65%).
As we learned from our security report, the rise of BYOD has given IT teams much to be concerned about. 94% of respondents said their companies had security concerns. It’s also important to note that while company data can be at risk with BYOD endpoints, personal data on the individual employee’s systems would also be vulnerable.
During the webinar, Tim Burton, Managing Director at 7FiveFive, spoke of the unique needs of the Media & Entertainment industry. Remote compute is even more necessary because M&E is largely freelance-based. A freelancer may well be using one device to access applications and data from multiple organizations, further increasing how many organizations’ information could be at risk.
Klippsten also mentioned the discrepancy between company security requirements and the actual implementation of security measures. Both Burton and Klippsten have noticed that M&E companies have very high audit requirements, but the production companies don’t always enforce those company policies for how content is shared on either BYOD or corporate-managed devices.
Jaymes Davis, Director of Product Strategy and Sales Engineering for Tehama, addressed these security issues saying, “we need a Zero-day frontend and a Zero Trust backend.” The Zero-day approach has no negative impact on the customer or the user but keeps the data secure. Endpoints can be as simple as possible if all company applications and data live on the cloud.
For organizations across industries, a solution that offers security, without compromising on flexibility, is required. HP Anyware for digital workspaces combines the security and flexibility of Teradici CAS with the collaboration values of ZCentral Remote Boost for any kind of user to be productive from anywhere. With HP Anyware, IT teams can future-proof their deployments on any cloud, data center, edge, OS, or workstation infrastructures.
Contact sales to try HP Anyware today. Watch our webinar on security in hybrid workplaces where we discuss BYOD and data security with a panel of guests.