Employers know that employees prefer BYOD (bring your own device) policies and that they can increase productivity. However, BYOD can have some downsides. The most prominent concern among those who have to address the BYOD issue is an increase in data security risk. Obviously, the more devices you have to connect to your data, the more opportunities you create for a breach. Simply put, a house with 20 doors and 50 windows with multiple lock styles is a bit more vulnerable than a house with one door and one window.
BYOD increases the risk to the organization. Data breaches bring a few layers of concern. First, the loss of proprietary data can affect your competitive status in the market. However, the real high-visibility problem is the theft of your customer’s data. Theft of personal data brings three serious consequences.
Consequences of BYOD
There are many consequences that will happen if BYOD leads to your data being breached.
First, data breach laws require informing all victims of the data breach, and in some cases, the company must also notify the media. This public visibility can have long-lasting implications for brand value.
Second, you face a short- and long-term revenue hit if BYOD is breached. Customers angry and frustrated and others who learn about the breach through social media, word-of-mouth, and traditional media sources may move their business to the competition.
Third, data breaches can bring civil penalties. In the case of the General Data Protection Regulation (GDPR) in the European Union, these penalties can be extremely severe. ( And keep in mind, the GDPR doesn’t just apply to entities physically operating within the EU. It applies to the data of any user who is a citizen of the EU.)
In summary, given the severity of the consequences and the increased vulnerability created by BYOD, it is important to develop a BYOD policy with strict parameters. It cannot be a “wild west” of anything goes.