BYOD is Putting Your Business at Risk: 6 Ways to Keep Your Data SafeAccording to the Global Information Security Survey, 88% of organizations feel they’re losing control over their data, and with the rise of BYOD (Bring Your Own Device) it’s easy to see why! In the worst case scenario, your employees may be walking around… Read More
BYOD is Putting Your Business at Risk: 6 Ways to Keep Your Data Safe
In the worst case scenario, your employees may be walking around with confidential corporate data stored on a personal device that isn’t even secured with a PIN or a password. If one of these devices is ever misplaced, lost or stolen, then it could result in a third party gaining access to your company’s data.
If your employees access any company-owned data on their personal devices, then this represents a huge security risk to your business.
Since it’s practically impossible to ban BYOD, in this article we’ll be sharing the tips, techniques and software your business needs, to ensure its private corporate data remains private.
1. Remotely wipe confidential data from a lost or stolen device
Imagine one of your employee’s personal devices has gone missing, and you know that device contains confidential customer information. Potentially, a third party may be about to sell this data to your biggest competitor, or publish it online.
But a single misplaced smartphone or tablet doesn’t have to spell disaster for your company! If you’ve migrated to the cloud, then your Office 365 admin can use Mobile Device Management to remotely wipe all confidential data from the missing device:
● Head over to the Office 365 Security & Compliance center.
● In the left-hand menu, select “Data loss prevention > Device management > View the list of managed devices.”
● Select the device that you want to wipe, followed by “Manage.”
Your Office 365 admin can now choose whether to:
● Perform a factory set. This removes all data from the missing device, including all installed apps, photos and personal information.
● Remove company data only. Any installed apps, photos and personal information will remain on the employee’s missing mobile device.
2. Be proactive: Setup automatic Mobile Device Management policies
Depending on the size of your organization, and whether your employees span multiple offices, it may not always be possible for your Office 365 admin to immediately respond to every remote wipe request.
When confidential company information is lost in the wild and potentially in the hands of a competitor, it’s vital that you secure that information as quickly as possible.
Your Office 365 admins can create Mobile Device Management policies that automatically lock or wipe a device in response to suspicious activity, for example multiple failed sign in attempts.
To create an Office 365 Mobile Device Management policy:
● Sign into the Office 365 Security & Compliance center.
● In the left-hand menu, select “Data loss prevention > Policy.”
● Select “Create a policy.”
The Security & Compliance center will now guide you through the process of creating a Mobile Device Management policy.
3. Ask your employees to setup Find My Device
If an employee’s Windows device goes missing, then they can use the Find My Device feature to locate and lock that device remotely.
Although Office 365’s remote data wipe is the preferred way to secure confidential data, Find My Device can be activated by the device’s owner. In scenarios where your Office 365 admin is unavailable and they haven’t implemented any automatic Mobile Device Management policies, Find My Device may be the only way to secure a lost device. Find My Device can also be useful for determining whether a device is truly lost or stolen, or whether it’s merely been misplaced, without having to involve your Office 365 admin.
To activate Find My Device for a Windows PC, laptop, Surface, or Windows phone:
● On your device, navigate to “Start > Settings > Update & Security > Find my device.”
● Select “Change.”
You can then use this feature to locate a missing device:
● Sign into your Microsoft account.
● In the toolbar, select “Devices.”
● Open the “Find My Device” tab. Your device should now be displayed on a map.
If you decide to remotely lock this device, then select “Lock > Next.”
4. Don’t rely on passwords: Setup mandatory Multi-Factor Authentication
According to a 2018 poll by LogMeIn, 59% of people use the same password for multiple accounts, with nearly 47% of respondents admitting that they use the same passwords for their personal and work accounts.
With such a high rate of password reuse, you can’t rely on passwords alone to keep your corporate data safe. In the worst case scenario, a single leaked password could grant a third party access to the employee’s personal device and all the password-protected corporate data stored on that device.
To help keep your data safe, it’s recommended that you enforce Multi-Factor Authentication (MFA) across your organization. MFA adds an extra layer of security, so even if a third party does manage to acquire an employee’s password they’ll be unable to access their device without passing an additional security check, for example answering a phone call or performing biometric authentication.
For organizations who run on Office 365, your admin can activate MFA and make it mandatory for all employees:
● Head over to the Microsoft 365 admin center.
● In the search bar, type “multi” and then choose “Azure multi-factor authentication settings.”
● Select “Manage multi-factor authentication.”
● Select all the employee accounts where you want to enable MFA.
● Towards the right side of the screen, select “Enable.”
● In the subsequent popup, select “Enable Multi-Factor Authentication.”
● Select all the accounts where you want to make MFA mandatory.
● Select the “Enforce” link that appears.
● When prompted, select “Enforce Multi-Factor auth.”
All of these accounts will now be required to setup multi-factor authentication.
5. Ensure your employees are cyber security-savvy
One of the major reasons why BYOD poses such a huge threat, is the fact that employees typically aren’t aware of the dangers. Checking business emails on your personal smartphone outside of regular working hours is often seen as the sign of a dedicated employee, rather than a security risk.
The most effective way to protect your business against data breaches and leaks, is to arrange some staff training. Only when an employee fully appreciates the dark side of BYOD, can they take the steps necessary to secure their personal device - and by extension, all the corporate data stored on that device.
At Systems Assurance, we have decades of experience offering a wide range of security-focused staff training. We can even arrange immersive training exercises that give your employees hands-on experience identifying and avoiding the cyberattacks that are increasingly targeting mobile users.
Want to talk through your businesses’ unique security training needs? You can schedule a free one-on-one call with one of our specialist engineers today.
6. Create a company BYOD policy
Just because an employee has successfully completed security training, doesn’t automatically mean they won’t be tempted to take a shortcut or bend the rules, especially when they’re under pressure in the workplace, for example if they’re struggling to meet a deadline.
After training your staff, it’s recommended that you implement a company BYOD policy that clearly outlines the steps these employees are expected to take, in order to safeguard corporate data. This policy should communicate that it’s every employee’s responsibility to ensure company data is never accessed or stored on an unsecured personal device.
To encourage your employees to take this policy seriously, you could even ask them to physically sign the policy. Requesting a signature can make the difference between an employee viewing a policy as a formal contract, or treating it like just another Terms and Conditions-style popup that they click through without even really reading properly.
Claim Your One Month FREE Trial of Microsoft 365 E5 Today.
Speak to a member of our team today 0114 292 2911 or email firstname.lastname@example.org if you need any assistance.
Share this article on social media
If you found this article useful, please share it on social media.
Subscribe to our blog...
We will only use your email to send you new blog posts.
Cybersecurity incidents have become more and more common for small and medium-sized businesses, making it critical to know how to prepare and respond. If your business hasn’t been hacked yet, it could very well be next. A study by the Better Business Bureau found that 23% of small businesses (≤ 250 employees) reported having been the… Read More
Why Millennials are the Biggest Threat Facing Your BusinessDo your staff ever respond to work emails on their smartphones? If an employee suddenly comes down ill, do you encourage them to stay at home and work from their personal laptop? When a crisis strikes outside of regular working hours, do you expect your staff to… Read More
Top 6 Reasons Why Businesses Migrate from G Suite to Office 365 Are you considering migrating from G Suite to Office 365? Perhaps you’ve compared G Suite and Office 365, and concluded that Office is a much better fit for your business; or maybe you’re still unsure which productivity suite has the features you need, and want… Read More
When you hear the term “productivity suite” chances are two products spring immediately to mind: Google’s G Suite, and Microsoft’s Office 365. Both products offer similar functionality and both are popular amongst business users – but which suite has the most to offer your business? Perhaps you’re starting a new business; maybe you’re an established organization who’s… Read More
Automatically Track Your Expenses With Excel Online and One DriveMany businesses have a streamlined process for managing invoices and bills, but recording irregular expenses such as train tickets and store receipts can be a whole different matter. For busy employees, recording their spending as it’s happening can feel impossible. When it’s the end of the month… Read More
Automatically Send a Working From Home Email with Microsoft Flow Do you give your employees the option to work from home (WFH)? Remote working can offer many benefits, including increased employee satisfaction and productivity, but if you don’t have WFH policies in place, then it’s easy to lose track of where your employees are. In this blog, we’ll… Read More
Create a Vacation Approval Workflow with SharePoint Online, Forms and Microsoft Flow. Do your staff waste hours performing the same repetitive tasks, over and over? You could save your business time, effort and money, by using Microsoft Flow to automate all of your most commonly-performed processes. In this article, I’ll show how to take the pain… Read More
Does your business rely on Windows Server 2008, 2008 R2, 2012 or 2016, or SQL Server 2008, 2008 R2, 2012 or 2014? If you’re using any of these products, then they’re rapidly approaching end-of-life (EOL).
If you continue to use any of these versions of Windows Server or SQL Server after the EOL deadline, then you’ll no longer receive security updates, even for critical security threats. To avoid exposing your business to data breaches, malware and even potential legal ramifications, it’s vital that you take action before the end-of-life deadline.
So, what steps should you take, if you’re currently using any of these Microsoft products? Read More
Prepare for Windows Server 2008 and SQL Server 2008 end of support.With end of support for Windows Server 2008 and SQL Server 2008 fast approaching, now is the time to start thinking about modernizing your infrastructure.Extended Support for SQL Server 2008/2008 R2 ends July 9, 2019Extended Support for Windows Server 2008/2008 R2 January 14, 2020After… Read More