Secure Remote Access

Is BYOD a Threat or an Opportunity?

Would you rather carry two smartphones – one from your employer for work stuff, and your own for your personal use – or would you rather just use your own smartphone for both?

There’s no question that most employees have a strong preference for using their own phone. Indeed, a Samsung study found that 78% of employees feel they achieve a better “work/life balance” by using a single device. With employer-supplied devices, in addition to the hassle of needing to carry two phones, there’s the hassle of learning how to use two different devices. Even though manufacturers do all that they can to make user interfaces intuitive, every device has its own quirks that take getting used to.

Employee preferences are not the only reason “bring your own device” (BYOD) has become so popular. There are many benefits to the employer as well: for instance, employees report that they are more productive when they use their own devices. A Cisco study found that employees in the US using their own devices gained 81 minutes a week in productivity, compared with employees using company devices. And there are the very obvious cost savings to the company – you don’t have to buy a new phone every couple of years for every employee who needs to work on the go.

A 2016 survey by Syntonic shows just how pervasive BYOD has become:

  • 87% of companies rely on employees having access to mobile business apps from their personal smartphones
  • 45% of US employees are required by their employer to use their personal smartphone for work purposes
  • Two thirds of employees use their personal smartphones for work, regardless of whether it’s required by their company
  • Companies estimate employees use their personal smartphones for work purposes outside of work over 6.7 hours per week

Most IT decision makers – 69% according to one study – feel that BYOD is a good thing and is a positive move for their organization.

But not everyone shares that rosy perspective on BYOD.

In a recent article in The Register titled “BYOD might be a hipster honeypot but it's rarely worth the extra hassle,“ David Cartwright claims that

BYOD sounds – sounded – like a great idea. But it opened a whole new world of complexity in terms of support and device management that had not been foreseen beforehand…Owning the device brings back some much-needed control to proceedings: if you own the device you can be totally black-and-white about what users are allowed to do and what they're not.

Cartwright’s biggest concern is security – “connecting stuff you don’t own into the corporate network is a security nightmare.” Compatibility and control are additional concerns of his.

An Information Age article, “iOS 11 security risks: time to question the BYOD policy” supports Cartwright’s assertion. That article points out that iOS 11 changes to Bluetooth and WiFi configurations have resulted in new vulnerabilities through Internet of Things devices, such as Apple TVs or FitBits.

Another security concern surrounding BYOD is what happens when employees trade in their phones. A survey from Blancco claims that 66% of mobile users surveyed said they stored at least some company data on their devices, and nearly half said their employers don’t know what corporate data is on their personal devices.  That data is in danger of being compromised when employees trade-in their devices for new ones (or simply lose them), as most non-technical employees don’t know how to securely wipe all data from their phones.

One obvious solution is to allow employees to access the corporate network, by using their device solely as a “dumb terminal,” with no actual corporate data or apps at all stored on the device. This solution solves almost all security concerns related to BYOD.

Cartwright claims that you can do this

…using some kind of virtual desktop à la Citrix or VMware. Again this is non-trivial and not cheap: it needs hardware, software, knowledge, and maintenance.

Delivering remote desktops and applications CAN be expensive and difficult to implement: but it doesn’t HAVE to be. In fact, some solutions are described by the IT and network managers who administer them as both “cost efficient” and “simple to use and administer”.

Ericom Connect is a hyper-scalable, rapidly deployed, remote application and desktop solution that enables organizations to simplify and manage secure remote access to corporate desktops and applications. Offering both native and web-based end-user clients and administrative management, Ericom Connect is an ideal BYOD enabler that proves that providing a remote access solution doesn’t have to be complex and expensive .

Another security concern with BYOD is that when software updates and patches are left to employees, rather than being managed by IT professionals, compliance naturally suffers. Alternatively, some software and plugin updates (e.g., Java) may create an incompatibility with your own network. Ericom Connect solves those issues as well – our browser-based access uses only native HTML5 browser technology, with no client-side software or plug-ins required AT ALL. By leveraging clientless remote access, employees can work on their corporate desktops and applications securely and efficiently from any device using a standard browser, no matter what other apps are installed or how frequently they apply updates and patches.

Choosing the right remote access solution can transform BYOD from a security nightmare to a wise business decision that makes life easier for both employees and IT managers, while sending savings straight to the corporate bottom line. A win for everyone – an opportunity, not a threat.

Click here to try an online demo now!

Gerry Grealish

Gerry Grealish

Chief Marketing Officer | Ericom Software
Gerry is a security industry veteran, bringing over 20 years of Marketing and product experience in cybersecurity and related technologies. Responsible for marketing and business development, Gerry previously was at Symantec, where he was responsible for the go-to-market activities for the company’s Network Security portfolio. Prior to Symantec, Gerry was at Blue Coat, which he joined as part of Blue Coat’s acquisition of venture-backed CASB innovator, Perspecsys, where he was CMO.