Dec 06 2019

Why BYOD Makes Endpoint Security Crucial for Small Businesses

Employees are using their own devices for work more than ever before, making endpoint security a top priority.

The threat of cyberattacks is as prevalent as ever, with IT departments across industries working to bring their organizations’ protections up to speed. They’re expected to spend more than $1 trillion on cybersecurity by 2025, and small businesses are particularly vulnerable.  

According to Fundera, the number of cyberattacks targeting small businesses last year skyrocketed by 424 percent, yet only 14 percent of small businesses define their cybersecurity practices as “highly effective.” Considering that 60 percent of small businesses that fall victim to an attack shut their doors permanently within six months, this oversight can be devastating.

Businesses often emphasize perimeter security, but with more and more employees using their personal devices for work tasks, endpoint security is more important than ever.

More Employees Are Using Their Own Devices for Work

The more people use smartphones and tablets for personal tasks and entertainment, the more these devices are used for work. According to Dell, 60 percent of Gen Y workers and 51 percent of workers 30 and older believe that the tech tools they use in their personal lives help them to be more efficient at work.

They’re probably right: A study from Frost & Sullivan found that using portable devices for work saved employees 58 minutes per day while increasing productivity by 34 percent. In addition, research from Cisco found that companies favoring BYOD saved an average of $350 per year, per employee.

Those are attractive statistics, particularly for small businesses. BYOD appears to help give smaller organizations with limited staff and resources the efficiency edge they strive for — but it does raise security concerns. 

Endpoint Security Steps Small Businesses Can Take Right Now

Users are often the weakest link in a company’s security chain; researchers recently found 1.4 billion stolen usernames and passwords on the darknet. Luckily, multifactor authentication is a simple solution organizations can deploy to protect against such theft. 

Some use biometrics to confirm a user’s identity, or send a personalized code when a user logs in. Small businesses can choose authentication types from a range of options, with products available from Okta and Duo.

Depending on a company’s infrastructure, there may already be MFA solutions available to activate. For example, Microsoft Azure Multi-Factor Authentication has these protections available, making it simple for organizations to incorporate it into their business practices. 

Organizations can also limit the access employees have on personal devices and mandate that work applications can only be used on secure networks.

MORE FROM BIZTECH: Read why every small business needs a cybersecurity strategy.

How to Keep Endpoints Safe for the Long Term

Once basic security measures are taken, small businesses should develop long-term policies for the use of mobile devices. Organizations can look at their resources and their employees’ current practices and come up with a plan to fill any gaps in security. 

There are many tools organizations can use to keep their employees’ devices secure. There’s software that can encrypt data, control access to certain applications and detect and deter malware. But keeping it all straight and deploying it to employee devices can put a strain on small businesses, which may have limited IT resources.

This is where mobile device management solutions can pick up the slack. MDM can provide a complete package of endpoint security measures, including password protection, software control, version management and remote wiping. These are tasks that can drain an IT department’s already limited resources, so automating them can free up staff to tackle more complex tasks.

Since the vast majority of data breaches begin with a user account that’s been compromised through social engineering (98 percent, to be exact), it’s also important for small businesses to invest in training. This will help employees know what phishing attempts look like so they’re less vulnerable.

Making sure all of the devices being used for business are secure can be daunting. But with the right tools and services in place, they can all be protected quickly, simply and effectively.


marchmeena29/Getty Images

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT