Financial services is one of the biggest industries in the U.S. and globally, and doing a lot of business means having a lot of employees. It makes sense, then, that this tech-forward, high-stakes industry would be at the forefront of enabling its employees to avail themselves of all the tools they have on hand to get the job done. As reported in an article on BetaNews, the financial services industry is leading the business world in facilitating Bring Your Own Device (BYOD) for employees.
BYOD, a paradigm for employee device management in which employees are allowed to bring their own home devices—be they laptops, tablets, or smartphones—into the office, poses significant security risks if it’s not managed correctly. But despite the fact that the financial services industry is, due to the sheer amount of personal financial data it handles on a daily basis, one of the most likely to be targeted by hackers, the industry has not been taking BYOD security protocols as seriously as it should.
The BetaNews article reported that while 74 percent of the financial services industry is supporting the use of BYOD among some or all of its employees (compared to 72 percent of the general business world), only 14 percent has successfully implemented mobile access management solutions. In an area frequently targeted for cybercrime, with stringent regulatory burdens and potentially devastating consequences to consumers and reputation from data breaches, this is concerning. And as the BYOD trend continues to dominate how people work, the industry will need to take action.
BYOD: The Steps the Industry Is Taking (and the Steps It Has to Take)
Allowing employees to use home devices to connect to work networks has some well-established security pitfalls despite its popularity, especially when proper security measures aren’t enacted. Because employers can’t directly control what websites employees visit and what apps they download on their own personal devices in their own homes, it’s easy for end users’ devices to become infected with malware outside of the office and then carry it onto workplace networks.
However, mobile device management (MDM) platforms that allow in-house IT or MSPs) to manage and monitor certain features on an employee’s device as a condition of BYOD use are growing in popularity to deal with these concerns.
And while getting buy-in from employees to allow their employers to install software on their devices can sometimes be difficult, the next generation of MDM solutions has evolved to alleviate employee concerns over their general Internet usage being monitored, especially outside of work hours, and fears about being watched for HR purposes rather than purely for network security. Called “mobile access management solutions,” these software platforms enable workplace IT staff to gain visibility into, and set access on, only certain specific work-related apps on an employee’s computer.
The most cybersecurity-conscious financial services enterprises are implementing such solutions, using quality IT staff or highly regarded MSPs to manage them, and building out usage policies and guidelines that bolster the effectiveness of the solutions by teaching end users to change potentially cyber-insecure behaviors. The financial services enterprises that don’t do this should consider doing it soon. Even if an enterprise has an otherwise sound cybersecurity strategy, neglecting to appropriately secure BYOD can be a big weak link, with dire consequences.
What It Means for Solution Providers
If the financial services industry wants to continue—as it undoubtedly will—offering and expanding BYOD access to its employees, it will be critical for it to beef up the security profile. Businesses, least of all those in highly targeted areas like financial services, cannot afford to let their employees connect to office networks without an adequate security platform in place under the mistaken assumption that a security event won’t happen to them.
For solution providers, then, selling and managing the latest and most dynamic mobile access management solutions, as well as consulting to help financial services clients construct sensible, safe BYOD policies in concert with those solutions, provide a definite opportunity for growth. BYOD is only growing more popular, and BYOD security needs to as well. It’s paramount for companies to stay on top of cybersecurity—to keep employees happy, but not at the expense of keeping user data safe.
How have you seen financial services institutions successfully managing BYOD?