show image

BYOD security risks undermine overall benefits to public sector

Bring Your Own Device (BYOD) is a massively productive idea handled correctly, but new research from managed service provider Annodata suggests that local authorities aren’t putting the right policies in place to make it safe.

The idea is relatively simple. Instead of buying mobile phones and/or tablets for colleagues, a local authority asks staff to use their own items. This works as long as apps are compatible and the connection to the main system is secure.

It’s in this last section, the security piece, that Annodata is suggesting BYOD is failing in the local authority sphere.

BYOD policies

Annodata issued a Freedom of Information Act request to all 79 local authorities in England and found that 42 per cent do not have a BYOD policy in place. In the light of the impending GDPR legislation, this is potentially very serious as the need to lock data down will become even more paramount than it is at the moment.

Joe Doyle, marketing director at Annodata, acknowledged the gans in productivity possible due to BYON – there is no need to train people in using their own device and of course the capital spend on equipment is reduced. However, the absence of a policy means that there could be data leakage, he added.

“The public sector in particular needs to approach BYOD with due diligence and special emphasis needs to be placed on security when employees are using their own devices to access an organisation’s data. Despite this, our research highlights that a number of local authorities are yet to implement specific and enforceable measures.”

“Enforceable” is an important component of that quote. Informing employees of the consequences of not conforming to a policy is as important as having a policy in itself, as is actually enforcing it rather than simply issuing threats.