Antivirus software and encryption are often missing. (Photo: Freepik, sajibmridha)
Johannesburg – Many companies are putting themselves at risk or even taking high risks Punishusing a practice known as “bring your own device” for convenience and to reduce costs. Employees use their private devices such as smartphones, laptops, USB sticks and even private cloud storage for their work.
“Bring your own technology,” another common practice, even includes the use of personal software for business activities. According to the “Cybersecurity Readiness Index 2024” by Cisco Employees at 85 percent of companies worldwide use their own devices to access company platforms.
Vulnerable to cyber attacks
Personal devices are not always protected against cybercrime, according to Thembekile Olivia Mayayise, an information scientist at University of the Witwatersrandin a post for The Conversation. Antivirus software and encryption that convert plain text data into an unreadable format were often missing. This makes them vulnerable to cyber attacks. Such attacks are widespread and can be costly.
IT security specialist Kaspersky has documented 33.8 million mobile cyber attacks in 2023, an increase of 50 percent compared to 2022. Mayayise: “First, you need a comprehensive ‘bring your own device’ strategy that is tailored to the needs of your company. This should specify who needs to take what action and explain how the business needs will be met when employees are allowed to use their own devices.”
The company then has to create guidelines that help manage private devices, for example for selecting secure passwords. Websites that offer automatic saving when creating a new account are not a perfect solution. Password quality metrics are helpful in helping users create secure passwords. The introduction of multi-factor authentication also contributes to security.
Implement guidelines accurately
According to the expert, it is not enough to simply record guidelines on paper. Rather, these would have to be communicated to all employees and be easily accessible at any time via platforms such as the intranet. Updates should also be communicated to all users through various channels. “Offer regular, tailored training. Not everyone is tech savvy; Employees may need assistance installing security measures.”
Cyber security is a shared responsibility and it is important to be vigilant against certain threats such as whale phishing, where fraudsters impersonate a company’s senior executives to target other senior and key employees. A well-thought-out strategy not only protects against threats, but also an investment in the growth, stability and credibility of a company.
Source: www.pressetext.com
(pte003/01/23/2025/06:10)