Bring Your Own Device, or BYOD for short, refers to the use of private devices in professional life. Usually, this refers to smartphones, tablets and laptops.
The most important feature of BYOD is the mixing of professional and private use. This can result in various cyber risks for the company in question.
For example, a privately used device may not be updated as quickly as the company's IT. As a result, known security vulnerabilities on private devices remain unpatched for longer and can be exploited by malware. This malware can then spread throughout the company by e-mail or the next time the device logs in to the company network.
The programs installed on the devices are also often an issue in the context of BYOD, because they too can have an impact on the company, for example if a program of dubious origin is installed on a laptop or smartphone that is also used professionally. If it turns out to be malware, it may also be able to spread within the company network.
The issue of data protection, or more precisely the protection of personal data, must also be taken into account in BYOD. For example, a private smartphone on which work e-mails are also stored can be lost, stolen or briefly given to another person. In all these cases, unauthorized third parties potentially have access to the work e-mails and the personal data contained therein.
In addition to smartphones, tablets and laptops, many other private devices are finding their way into everyday working life. For example, the smartwatch may access the company’s internal Wi-Fi. Or in the home office, the private fitness tracker or e-reader is charged via USB on the laptop that is also used professionally. The more complex these devices become, the more important it becomes for companies to consider them under the topic of BYOD.
Just a few examples of BYOD:
In principle, every company should provide clear guidelines for BYOD, that is, how it deals with the issue itself and how its employees should deal with it. The clearer the requirements of these guidelines, the better all parties involved can adhere to them.
Companies that do not yet have a BYOD policy in place should create one in consultation with their IT department, their external IT service provider or a specialized IT security company such as Perseus.
For employees, the following applies: If devices used for both professional and private purposes have not yet been addressed in your company, act proactively. Follow the basic rules for increasing cybersecurity: