Security in BYOD policies

The companies' priority objective for 2018

15 Jan 2018

The answer to the question of who we spend the most time with is probably not who but what. We are hooked to cell phones, and Spain is, no more and no less, the 5th country in the world that spends more time with this type of device. An average of two hours and eleven minutes a day that we spend mainly on the use of applications, according to the latest report by Statista.

What we are often unaware of is the app’s handling of our information, since once we consent to access our personal information, the application will be able to share it with other third party companies. So it’s no wonder that security has become a top priority for millions of data-intensive companies. The main decision that worries them is whether or not to opt for a BYOD policy.

A complex decision, since investing in mobile devices involves an expense that is not always easy to bear, but also entails an investment in corporate security. While opting for ‘bring your own device’ means saving money on hardware, but having to spend it on reinforcing security, since a device that the worker uses for both personal and professional purposes entails a series of risks and problems that must be addressed.

In this article we are going to give some keys on how to apply BYOD policies in the company in a safe and effective way.

BYOD policies

The use of cell phones is part of our daily life as citizens, but also of our routine within the company. For this reason, many companies have opted for BYOD policies, accelerating their digitalization process without incurring such high initial costs.

However, the main fear behind the use of the same mobile device for personal and professional purposes is security, because with these policies theuse of data is intensified and preserving the security of information becomes more complicated.

However, some mandatory guidelines may help to achieve the best results and minimize risks.

Introducing multi-factor authentication methods for identification

Let’s not fool ourselves, you cannot use the same technologies in company policy that an Internet user uses, because the information to be handled is confidential and, in most cases, it costs a lot of money. For example, a password can be easily hacked by a computer scientist, so to ensure data protection, it is advisable to introduce a multi-factor authentication (MFA) method. Sabotage in these cases is much more common than in private use.

AMCs differ from traditional passwords in that they introduce additional filters to verify that the person logging in is actually the user of the account. They are used in cases where enhanced security is required, because the nature of the information that can be lost is also more sensitive.

To delimit the functions that each member of the company will have.

BYOD policies applied to the use of the device in the company have to delimit well what things an employee can and cannot do.

For example, you may be able to edit documents and send files, but certain other functions that you can do may be restricted. In addition to using the software to narrow it down, communication and training at the beginning is also essential. By sending a list of best practices, we will be able to promote uniformity in use.

But it is also the best tool to make employees aware of the responsibility of taking home applications with corporate data of the company.

Similarly, it is recommended that employees sign a confidentiality agreement and that they are clear about the company’s BYOD policy.

Prevent infection of systems

In addition to the so-called pishing, another recurring problem in this type of system is malware, or malicious software, which can render the device unusable. The advice is that when implementing an enterprise mobility solution, this risk should be assessed beforehand, as more stringent security policies may need to be implemented. For this reason, it is recommended that the partner that will provide the software to the company should be reliable.

Pre-testing is another good option; in fact, iteration models fulfill this function by allowing the detection of possible failures that can be repaired in time.

Adapting the system to the company’s needs

It may seem obvious, but it may not be in the best interest of data security to have an infrastructure that is not going to be used. Therefore, it is essential to delimit the functions of each member of the company and, with them, the limits of use.

For example, in companies where salespeople are on the road, enterprise mobility solutions become indispensable tools for inventory inquiries and ordering. In this case, it is essential to have a centralized system that updates this information in real time.

However, it is also possible that the only function that the employees of this company have is to send certain confidential documents. If so, special encryption will still be necessary, but perhaps other structures can be dispensed with.


It should be borne in mind that 70% of Internet connections are already made via the Internet. The company has also been aware that the use of mobile devices and, therefore, security is a priority for all companies, but especially for those that opt for BYOD policies.

From the company’s point of view, it is essential to preserve the ownership and proper use of data, while from the employee’s perspective, it is essential to respect and safeguard the confidentiality of the information handled.

Subscribe to our blog and newsletter, and keep up to date with the latest news on digital transformation and innovation affecting your sector.
Despite the fact that the European Union's new General Data Protection Regulation will oblige companies to increase the hiring of security experts by May 25, 2018, most companies have yet to take action. In addition, the Center for Cyber Security and Education, the non-profit association of professionals (ISC) and Frost & Sullivan have published a recent study that forecasts that, the shortfall of professionals in 2022 in cybersecurity will reach 1.8 million.

Lola Hurtado

Marketing Manager at FIELDEAS

Linkedin iconEmail iconTwitter icon
More related information
Ventajas y retos eCMR_header_FIELDEAS Track and Trace

11 Apr 2024

eCMR or electronic consignment note, why implement it?

The eCMR or electronic consignment note is the digital version of the traditional consignment note or CMR and is regulated internationally by the Additional Protocol to the Convention on the…

Optimizar la gestión de muelles_FIELDEAS Track and Trace

09 Apr 2024

8 benefits of optimizing loading and unloading dock management

Failure to optimize the management of loading and unloading docks in logistics platforms or distribution centers is one of the most critical points in the supply chain and is often…

Digital form integrated in the product life cycle in manufacturing_header

04 Apr 2024

How digital forms in manufacturing processes help you collect, manage and analyze data

The integration of digital forms into manufacturing processes brings a wide range of benefits to the industry by digitalization the collection, management and analysis of data in the life cycle…

Advanced Factories_header_3

02 Apr 2024

FIELDEAS at Advanced Factories 2024: driving the digitalization of industry

Once again, FIELDEAS is present at the essential event for Industry 4.0, the Advanced Factories 2024 fair, which celebrates its eighth edition from April 9 to 11, 2024 at Fira…