Bring Your Own Device (BYOD) policies are being increasingly adopted by small, medium, and even enterprise-level operations all over the world. According to a recent study by Cisco Systems, businesses lower their operating costs and raise productivity when they implement bring your own device policies—even when they don't leverage said policies as much as possible.
One thing the study didn't mention is the potentially huge costs that a BYOD policy can leave a business vulnerable to: a lost device can represent a $50,000 loss to any business that doesn't have a security plan geared towards this policy, according to Intel's “Billion Dollar Lost Laptop Study”.
There are ways to practically eliminate BYOD's vulnerability to these specific types of security risks. Considering the way that bring-your-own policies seem to be a necessity moving forward, it's important to know how to add enterprise-level security to personal devices. And it is 100% possible to add this kind of security even for very small businesses.
Why Go BYOD?
This BYOD phenomenon has quickly become standard operating procedure in many businesses, and is quickly spreading. Even in companies where such a policy has not been enabled, nearly one-third of employees with smartphones will go behind employers' backs and use their devices anyway.
Because these policies often result in increased employee satisfaction, businesses risk higher attrition rates when they stick to company owned devices. They also face a stronger risk of losing out on new talent. And they miss out on the three biggest benefits of BYOD implementation: lowered costs, increased production, and increased employee satisfaction.
Cisco's study, taken across six countries and 18 industries, showed that BYOD policies added an average of 37 minutes each week—just over 30 hours a year—of productive employee time every year. And it's important to keep in mind that this average score is an aggregate of the results in six countries. That number if probably higher in the U.S. (where employees report saving 81 minutes a week) than it is in the more skeptical Germany (which reports an average of 4 minutes per week).
All in all, the study proved that a BYOD policy added $350 worth of value per employee. It's important to note that this figure comes from what Cisco calls only 21% of what could be a more robust “Comprehensive BYOD” operation. 100% implementation could theoretically raise this to nearly $1,750 per employee per year!
The Dark Side of Bring Your Own Device
Intel's “Billion Dollar Lost Laptop Study” showed that the actual cost to a business of a lost business laptop didn't just lie in replacing the device. The study found that, on average, a lost laptop represented a nearly $50,000 hit in terms of lost data, lost productivity, and potential network intrusions made possible by the device. For those in Financial and R&D industries (to give just two examples), the loss per item cost could be much greater.
No one has to be told that items like tablets and (especially) smartphones become lost or stolen more frequently than laptops. And the data on these devices is generally less well secured than on company-owned laptops. How, then, can businesses move forward into the 21st century without sacrificing valuable security?
Cloud-Controlled Document Security
Most administrative personnel today are familiar with the benefits offered by cloud computing. Cloud solutions are so easy fast to implement, many are opting to step around their own IT departments and implement easy-to-use cloud solutions instead of jumping through the hoops with their (often difficult) IT departments.
This phenomenon (known as “Shadow IT”) is beyond the scope of this post. But one thing that management and IT can agree on is more security for any device that can get lost or stolen. In fact, BYOD policies are often something of an IT nightmare!
A cloud-based security solution can offer functionalities that until recently weren't even possible. These include:
- The ability to deny access to a document that is stored on a specific device, or accessed by a particular user.
- The ability for documents to automatically become inaccessible when they leave a certain geographic region, or when a certain date has been reached.
- The ability to know which parts of a document are looked at the most (an excellent side-benefit from a marketing perspective).
- The ability to track document usage across devices and geographic regions, in order to detect a leak.
- Central control and monitoring of all such documents in an interface usable by non-technical administrators.
This type of security hasn't yet received wide attention—but it is developed enough to be fully robust. It is device- and OS-agnostic, which means that it operates across devices and operating systems. Most importantly, it protects valuable intellectual assets while allowing a business to take advantage of BYOD's benefits.