(This is an article contributed by a vendor and readers should not assume that any views expressed reflect those of IT World Canada.)
The Bring Your Own Device (BYOD) trend is now so far along that it is simply a fact of life for most businesses.
This change has happened quickly. Way too quickly for understanding all the security implications this trend has. Only last year did the Apple iPhone overtake the BlackBerry as the top seller in Canada – another sign of the decline of the corporate-provisioned mobile device.
Today, customers, partners, employees and contractors alike all want to connect to business applications using their own computers, mobile phones, laptops and tablets. All of these connections from unknown devices elevate risk to corporate data and applications.
The pace of change has caught virtually all IT organizations on their heels when it comes to understanding and mitigating the risks of BYOD. Keeping employees on enterprise BlackBerrys is proving to be difficult, as people want to use their iPads and iPhones for work. Some organizations are adopting Mobile Device Management (MDM) solutions, but these solutions don't address the risks of unprotected personal laptops or devices belonging to partners, customers and contractors.
The increased flexibility of BYOD initiatives introduces many risks – either on the device or outside of the device. Many examples come to mind; for example, if your employee is using services such as DropBox privately, can you ensure that no corporate data is moved there as well? Do you know if your data has been compromised?
The rising malware risk
The proliferation of personal devices in the enterprise raises many risks, including the potential for data loss. It's easy for a laptop containing corporate data to be forgotten in a cab. Less visible but no less real is the risk of malware being used to infiltrate systems or steal data. It's much easier for cybercriminals to steal an employee's identity than to breach a corporate firewall.
The Aite group found 25 million new, unique malware strains released in 2011 alone. Android malware is rising precipitously, and even iPhones are not immune, with Kaspersky Lab discovering malware in the Apple App store in July of this year.
All of this malware is getting harder to avoid. For example, children are using home computers and their parents' tablets at younger ages and may unwittingly download malware. Personal devices are often used on insecure Wi-Fi networks or applications. Personal devices can easily pick up malware through common online activities, such as:
Clicking on a hidden URL: Social sites like Twitter use shortened URLs that make it difficult to see where a link will take you.
Searching for topical events: Cybercriminals use breaking news events to display site engine optimized sites that are infected with drive-by downloads.