Support 100 years of independent journalism.

Advertorial feature by Kingston Technology
  1. Spotlight
7 November 2019updated 09 Sep 2021 3:59pm

Bring your own device, not your problems

Allowing employees to use their own devices in the workplace can introduce new security risks.

By Robert Allen

Flexibility is the ongoing trend of the 21st century working environment. In many cases, bring your own device (BYOD) is an integral part of the conversation. It improves productivity, allows companies to omit requirements on fixed hours, and can remove the significant expense of office space and equipment. But there are also problems when it comes to using personal devices for work purposes. If unencrypted devices are lost or stolen, third parties have potential access to confidential data, resulting in dire effects for an organisation, threatening its reputation and finances, in part due to the EU’s GDPR legislation.

So, how do you reap the benefits of BYOD, while ensuring the integrity of your data security? The answer lies in education, strict security policies and hardware encryption. There is still a long-standing variable within the human element/insider threat factor, which contains the issues of lax standards and policies, along with lack of accountability and responsibility. Data, personal identifiable information and confidential information are still the key elements in need of our most profound protection.

Recent breaches, exposures and compromised assets have highlighted that most of these incidents were from preventable mistakes that we allowed to happen. Simple oversights ranging from lack of attention, prioritisation of proper standard and policies and procedures in place were the culprits in the majority of incidents.

How secure your data is depends on the kind of encryption you use. Knowing the differences between them should affect your IT policy. Careful planning and adequate training ensures employees are still able to bring their own devices to work, while sensitive company data remains protected. Beyond SaaS and software encryption, employees may need to store data on local devices.

How do you mitigate risks in this scenario? Hardware-encrypted solid state drives (SSDs) provide end-to-end data protection. It’s essential that anyone working remotely with a laptop equip themselves with SSDs that are hardware-encrypted. There is a whole host of features to protect BYOD and mobile users, such as leveraging data loss prevention (DLP) software suites with compatible self-encrypting drive SSDs or TCG Opal 2.0, to Bitlocker hardware-encrypted solutions such as eDrive.

Sign up for The New Statesman’s newsletters Tick the boxes of the newsletters you would like to receive. Quick and essential guide to domestic and global politics from the New Statesman's politics team. The New Statesman’s global affairs newsletter, every Monday and Friday. The best of the New Statesman, delivered to your inbox every weekday morning. A weekly round-up of The New Statesman's climate, environment and sustainability content. A handy, three-minute glance at the week ahead in companies, markets, regulation and investment, landing in your inbox every Monday morning. Our weekly culture newsletter – from books and art to pop culture and memes – sent every Friday. A weekly round-up of some of the best articles featured in the most recent issue of the New Statesman, sent each Saturday. A weekly dig into the New Statesman’s archive of over 100 years of stellar and influential journalism, sent each Wednesday. Sign up to receive information regarding NS events, subscription offers & product updates.

I always challenge companies that present or pitch at our offices about the devices they are using and I am shocked at how many have overlooked using a hardware-encrypted SSD. When you need portability, USB drives are an essential tool for data transport and backup. But while their size offers mobility, it does also make them easy to lose. For a small price, hardware-based encryption built into external USB devices mitigates this risk. The top-of-the-line Advanced Encryption Standard (AES) 256-bit used in high-end encrypted USB drives is secure enough to be FIPS-certified, endorsed by government organisations.

Agreeing to BYOD requests may seem like an inexpensive and simple way to create a relaxed working environment. But without taking a few precautions, the potential risks to company data security could prove costly. Enforcing a solid hardware encryption policy allows you to embrace the BYOD culture without adding risk, cost and expensive tools.

Robert Allen is director of marketing and technical services at Kingston Technology.

For more information, please click here.

Topics in this article: