RainKing Analytics reports that growth in frequency and volume of cyber-attacks is leading many firms to re-evaluate their mobile device security and bring your own device (BYOD) policies. With all the threats that are in the news, this could be a good time to reconsider BYOD.
Anthem settles claim for $115 million
Anthem, the largest health insurance company in the US suffered a serious data breach in 2015. It resulted in the theft of nearly 80 million records, including client names, birth dates, addresses, emails, medical IDs and Social Security numbers. Today Anthem is waiting on a judge’s approval to settle a class action lawsuit for a record $115 million settlement.
But Anthem’s massive breach doesn’t compare to Yahoo, whose 2014 breach, affected 500 million user accounts. Three months later, the company disclosed an even bigger breach that happened in 2013 and affected a billion user accounts.
In May DocuSign, an electronic signature service, found that its system was hacked. Nearly 100 million account holder emails were accessed, but DocuSign insists that “no content or any customer documents sent through DocuSign’s eSignature system was accessed…” Nonetheless, the attackers used the information to send phishing emails that appeared to originate from DocuSign customers. WannaCry has infected over 300,000 computers across multiple countries and industries, including healthcare providers, financial service firms, and more. The infection locks users out of their computers.
The hits keep coming
A recent new ransomware attack, “NotPetya,” has targeted thousands of PCs globally, including in banks, airports, government agencies and other businesses in the UK, Ukraine, and Spain. Much like the response to the WannaCry Ransomware attack and the Google Docs Phishing scam, companies plan to invest in security training for employees. According to RainKing Analytics, firms are re-evaluating BYOD policies, planning for increased investment in mobile device management.
One approach for deciding on whether or not BYOD make sense is to evaluate how different employees use mobile services.
First, there are road warriors and executives that need to be reachable outside normal business hours. They are likely to have sensitive data on devices that need to be protected. These employees have jobs that benefit the most from mobile access to corporate data and applications. Providing them with corporate liable devices where the organization pays for their mobile services is smart. They need mobile services to do their jobs effectively.
A second justification comes from the savings achieved from corporate volume purchase discounts and proactive management of these employees’ mobile expenses.
A third consideration comes from the need to avoid disruption of their work if their device stops working.
Comview can help your organization with your corporate liable and BYOD mobility management challenges