It's official: businesses that allow mobile workers are in the majority. In fact, they're the overwhelming majority. This trend has only been fuelled by the pandemic when large sections of the population had no choice but to work from home
At the same time, the 'bring your own device' (BYOD) trend is gaining prominence, with many employees using their own devices for work. Some companies allow employees to choose their own IT equipment (such as their preferred phone model or laptops). Others actively encourage staff to bring in their own equipment.
There are some extra security risks involved if you decide to encourage BYOD. But even if you're not actively encouraging BYOD, it's vital you stay aware of the dangers, because it's likely some employees will use their own equipment - whether you like it or not.
Bring your own device: the consumerisation of IT
Social media is now an important part of work life - as are mobile devices, and as more employees work from home, traditional business IT policies on computer usage and data security are becoming antiquated.
This is often called the 'consumerisation of IT'. It's the migration of consumer technology - including devices and applications - into business computing environments.
There are lots of examples out there. For instance:
- Your business using Facebook
- Your employees checking work email on their own smartphones
- Staff using their own credit card to sign up for a cloud computing service to save time
- Employees using instant messaging services such as WhatsApp to communicate with colleagues and clients
The consumerisation of IT presents a big opportunity for small companies. But it's also creating a new problem for many: IT policies that ban the use of employee-owned devices in the name of security inadvertently create bigger security holes as users skirt IT restrictions.
In other words, locking down your devices forces staff to find their own alternatives, undermining the policies you're trying to enforce.
Many businesses see an opportunity here. Instead of preventing staff from using the technologies they choose, they're allowing employees more flexibility in how they work.
This often manifests itself in a bring your own device (BYOD) policy, which allows employees to use their own devices (smartphones, tablets and so on) at work.
Taking advantage of the new world of IT
For your business to make the most of these changes, you need to understand what's actually happening. Here are the five key trends that could push your business IT in a new direction:
- The rise of social media for business. It's hard to overestimate the impact of social media - both on the workplace and on society in general. According to research, the average time spent on social media has risen to 145 minutes per day. Social media and mobile devices are becoming extensions of personal relationships in a way that makes it hard to separate the technology from groups of friends and colleagues. As a result, your staff expect to be able to communicate within these networks. It might mean using Twitter, Facebook or LinkedIn at the office, if you block access to these platforms, you could be alienating your staff and inhibiting their work.
The blurring of work and home. Flexible working arrangements that encourage people to work from home (or elsewhere) make it harder to control how your employees use technology and to monitor where information flows. This issue isn't going to go away with many firms allowing staff to work from home for at least part of the week following the pandemic.
The emergence of new mobile devices. Smartphones are ubiquitous and there is a wealth of apps available. This means there is almost no limit to what can be achieved with a smartphone and that most employees have a powerful computer in their pocket when they come to the office. So even if you block Facebook on your company devices, there's little you can do to stop staff accessing it on their smartphones. This is a big challenge for businesses which like to decide precisely which devices and software employees can use. Like it or not, your staff will start using their own kit to do their work if they think it makes things easier. You should probably find a way to let them do so securely.
Shifting business models require tech-savvy people. Social media and mobile devices are affecting the relationships between businesses and customers. For instance, mobile commerce has come to the fore. And the influence of word of mouth recommendations is being amplified in a digital world where consumer opinion drives purchasing decisions. As a result, businesses will need people with new skills: internet-savvy knowledge workers who can listen in on social media and become involved in conversations happening outside your company's immediate control.
Employee expectations of IT are changing. Technology is becoming a recruitment and retention issue: younger workers want more flexibility, and if they don't get it, they're liable to look elsewhere. Try and see it from their perspective: how can they innovate and compete in this fast-changing era if you only provide them with a basic, entry-level PC running locked-down versions of out-of-date software?
Bring your own device risks
Here are five tips to help you stay secure, even when employees are using their own equipment:
- Accept the inevitable. Most employees will log onto the company network via their personal devices even if they're told they shouldn't. More than 50% of employees use portable devices to take confidential data out of their companies every day.
- Offer convenience as well as security. If your security policy is overly cumbersome or inconvenient, staff will find a way around it. Don't underestimate the ingenuity of employees looking to circumvent procedures that slow them down.
- Provide the right data storage equipment and services. It's all very well to say that your staff must encrypt any USB memory sticks they use, but unless you actually supply encrypted memory sticks or instead use cloud storage services, you'll find staff using their own, unencrypted methods of data storage, regardless.
- Pay attention to the small things. Losing a £5 memory stick can cost your business more than losing a laptop. That's because data on a memory stick is less likely to be encrypted. Staff are more likely to just replace the memory stick quietly and carry on as if nothing has happened.
- Your staff are your best defence. The most efficient way to prevent security problems is to train your employees on good security practices. Everyone should learn how to recognise phishing attacks, dodgy websites, fake adverts and other infection sources.
Mobile devices, social media and tech-savvy employees aren't going anywhere, and that's why every business should be considering how to deal with them now..
Move fast and there's a big opportunity. You can attract and retain the best, most tech-aware staff. You can give them the freedom to do exciting, innovative things. And you can build a productive workforce you judge on results - not on how many hours they spend in the office.