To many people, the prospect of bringing your own mobile device to work just makes sense. It’s the most convenient and efficient situation for users to access their work information, send/receive emails, and call clients, but many neglect to realize the risks behind the convenience. Many companies have realized the demand for the BYOD (bring your own device) movement and the benefit of having mobile employees and have started issuing corporate devices, but still the risk is far too high for confidential data to be mishandled or stolen.
Many corporations have all dipped their toes in the BYOD movement, but far too many have had to learn the security risks involved the hard way. An industry especially vulnerable to cyber-security risks is healthcare. Washington Post recently published an article by Robert O’Harrow Jr. titled “Health Systems at Risk of Hacking” in which Avi Rubin- Director of Information Security Institute at John Hoskins University- states, “I have never seen an industry with more gaping security holes.” He even goes so far as to say “If our financial industry regarded security the way the healthcare sector does, I would stuff my cash in a mattress under my bed.” In reference to a study done on Online Tech, over half of the HIPAA violations for 2012 were done by either theft or loss of the information. Many users utilize their own devices to access work data like emails and files and don’t consider the risk involved. Even if they are using a company issued device, security restrictions are not enough to maintain the privacy of data, there is still the high risk of losing the device. The seriousness of the lack of proper security is more than just a risk for hospitals, it’s instills a lack of trust due to the exploitation of patient information. As noted in the Washington Post, “On March 30, a hacker broke into a network server at the Utah Health Department, gained access to Medicaid data of about 780,000 people and stole an undetermined number of records.”
Its not just the healthcare sector that is suffering from cyber security flaws, a white paper done on BYOD by Forrester entitled “BYOD in Government- Prepare for the Rising Tide”, states that many companies know that having any data uploaded and stored on devices is a risk, and they are exploring different architecture ideas such as sandboxing. This idea makes it so that users can essentially drag and drop applications into a secure “container” ensuring that any data they view, edit is kept within the container rather than being exposed. There are a number of apps that claim to provide this level of security, but still data gets stolen. Many state they can encrypt data, however when a user is viewing the data on their devices, the data is unencrypted the entire time, leaving it vulnerable. An application called Mobile-Loc, developed by a TerraWi, provides the security necessary to truly keep information secured because it never leaves the data unencrypted, even while the user is viewing it. TerraWi’s Mobile-Loc offers an encrypted, cloud-based solution that provides secure, mobile communications, regardless of platform or mobile device type.
In this day and age, the proper security measures can make or break an industry, and with the rise of employees using their personal mobile devices (BYOD) to view confidential work-related documentation and files, precautions are of the upmost importance. The convenience of using personal devices can increase productivity, but inhibits security so companies and industries need to seek out the proper security solutions to eliminate the possibility of security breaches and instill confidence in patients and clients.