This post is from the Apperian blog and has not been updated since the original publish date.

Last Updated Jul 06, 2015 — App Management expert

Mitigate Risk by Educating Your BYOD Employees

App Management

BYOD security strategies often include firewalls, VPNs, passwords, and other technical measures. The one thing they often don’t account for is the users. Whether it’s tapping into an unsecured WiFi network or letting a friend borrow a phone, BYOD users are often their own biggest security threat.

When it Comes to BYOD, Never Assume

A 2013 survey of 1,000 US office workers conducted by Opinion Matters found that an alarming 95.6% of respondents admitted to using public WiFi to perform work tasks on their tablet or smartphone. What is perhaps even more alarming is that more than one-third also admitted to connecting to a public WiFi network at least 20 times per week. These figures point to a significant disconnect between the reality and expectations of organizations supporting BYOD. As much as we’d all like to assume that all BYOD employees are well versed in basic security practices, the survey results show that this simply isn’t the case.

Education: Start with the Basics

While having employees sign a BYOD policy is a good first step, it is no replacement for training. Before entrusting employees with mobile enterprise apps and sensitive data, it is critical that they are formally made aware of basic mobile app security. In training, focus on best practices rather than delving into highly technical material. Illustrate the importance of constructing strong passwords as well as the dangers of connecting to unsecured WiFi networks. Cover best practices when it comes to suspicious emails and attachments, and provide employees guidance on what to do if they think their device has been compromised. Keep in mind that many mobile users simply aren’t aware of mobile security dangers, and a short training program or course will go a long way in curtailing risky behavior.

Tackling Non-Compliance

In addition to education, enforcement is also an important piece of the BYOD puzzle. Implementing consequences for non-compliance may sound tough, but it also sends a clear message to BYOD users that data security is a serious matter. While there is no one-size-fits-all enforcement strategy, many organizations are incorporating BYOD compliance into performance reviews and have policies in place to revoke BYOD privileges in the case of non-compliance.

Continuous Education is Key

Technology, as we all know, pushes forward at an unrelenting pace. As advances in mobile technology and apps bring new opportunities, they will inevitably be accompanied by a few additional risks. With that in mind, continuous education to keep BYOD users up to date with the latest mobile security threats should be a part of your overall IT security strategy.
