As mobile devices create ever-increasing opportunities for connectivity, so increases the opportunities for cybersecurity risks; the lines between professional and personal use are becoming blurred.
Overworked professionals are trying to boost productivity any way they can, leading nearly 90 percent of employees to access company data on their mobile devices. And businesses equally hungry for efficiency are responding with bring-your-own-device (BYOD) programs.
A Techjury survey found that 87% of organizations rely on their employees’ access to business apps on their mobile phones, and another discovered that 59 percent of businesses have some kind of BYOD plan in place.
It doesn’t help that the surge in BYOD-friendly workplaces coincides with an explosion in corporate hacking following the COVID-19 global pandemic. Approximately 76% of organizations suffered data loss and system crash incidents in 2021 due to cyberattacks.
Overall, cybersecurity trends show that cybercrime has increased by 600 percent in the past two years, with an average of 30,000 global website attacks per day. Purplesec’s article estimates that the total cost of cybercrime to organizations worldwide will add up to a staggering $10.5 trillion per year by 2025.
The Risks of BYOD and Mobile Devices
Keeping corporate information secure on employees’ mobile devices isn’t easy – in fact, it’s the third biggest challenge IT providers face. More than 60 percent of top IT decision makers view mobile devices as a significant security risk to organizations.
The more devices you have on your network, the more vulnerable you are to cybersecurity risks. 48 percent of companies reported that they have seen “malware introduced through an employee’s personal phone.”
Sadly, only 53 percent of BOYD businesses are satisfied with their organization’s mobile security. These include (but aren’t limited to):
- App-related vulnerabilities
Downloaded tools, such as apps, create weak spots in cybersecurity that can open the device to hacking.
- Lack of password protection
Approximately 51% of surveyed employees use their mobile devices in the workplace, and 56% of them stated they aren’t using two-step authentication.
- Lost or stolen devices
In 2021 alone, 8.7 million smartphones were stolen or lost in the United States.
Cybersecurity Training for Employees
So what can businesses do about these threats? A BYOD policy crafted to minimize your company’s risk is a necessary first step. Raising awareness about cybersecurity among employees is also vital. While these are important steps, it’s important not to stop there.
Here’s an unpleasant truth: Employees who lack sufficient training will break the rules even if they know it could harm your BYOD business.
Consider the behavior of state and local government employees, a quarter of whom access government email and documents from their personal mobile devices, researchers found. The 25 percent of non-federal government employees is a drastic difference from the 9% of federal employees who use their mobile devices for work-related tasks.
For this reason, it’s crucial to engage employees with high-quality data security training to reduce the chances of cyberattacks within the workplace.
Training employees on data and BYOD security best practices during onboarding – and even following up with annual training – isn’t enough. To be effective, cybersecurity needs to become part of the corporate culture.
Regular testing with simulated security events, for example, allows managers to identify those who pose the greatest risk to the organization and provide remedial training to protect against cybersecurity risks.
The Future of Mobile Devices and Cybersecurity
While there’s no way to eliminate the potential hazards of BYOD and mobile devices, the right policies and training can help transform your workforce from a cybersecurity threat to your first line of defense against mobile data theft.