Axway: Sorted Your Company’s BYOD Policy? Now It’s Time for BYOIoT

Businesses looking to enrich their operations through the Internet of Things (IoT) may face unexpected risks from the non-work devices of their workers, it has been reported.

Following hot on the heels of enforcing regulations surrounding BYOD policies, companies now need to realise that devices such as fitness trackers or connected cars could be transmitting data about their employees and possibly putting confidential or valuable information at risk, according to software company Axway.

Control

Following on from a slot speaking at the ThingMonk conference in London this week, Mark O’Neill, Axway’s vice president of innovation, told TechWeek Europe that the notion of ‘BYOIoT’ is now becoming a very real concept for many companies due to the range of devices used by their employees.

BYOIoT “is really a continuation of BYOD”, he says, as many organisations have now finally come to terms with employees wanting to bring their own mobile devices to work and use them. However it adds devices such as fitness trackers to the likes of smartphones and tablets, but also opening up new risks.

“The thing about these devices is they have APIs that can connect to other systems, they might be tracking location, might be sending this information out – so as a business, you have this situation where your employees might literally be tracked and data gathered about them, and this information…might be going through your corporate network.”

“The challenge is – do you ignore that, and say that’s your business, and you just use them, or do you say you want people to register their devices or do you implement a policy or code of conduct?”

Risky business

O’Neill describes the current situation as “a coming wave”, as many companies are aware of the situation and risk posed by connected devices, but most are still deciding what exactly they have to do. This has also not been helped by the trauma faced by many companies when first implementing BYOD policies, with several high-profile organisations suffering embarrassing or damaging data losses or breaches caused by employee error.

“But if they need to be managed under the corporate umbrella, and corporate and IT are saying no, people will just bring them in anyway and step around this,” he warns.

Recent estimates from Gartner say that the number of items connected to the Internet of Things will hit 25 billion by 2020 as the world becomes a more connected place, with the economic impact of the IoT is set to grow to support total services spending of $263 billion by 2020.

However the security of the network remains a crucial factor, with research by IDC predicting that 90 percent of businesses will suffer an IoT-related data breach or attack within the next two years.

O’Neill says that IoT security is a very real worry for business in a range of industries, especially as more companies look to get connected.

“At the moment, you can see the IoT as in a honeymoon mode,” O’Neill says, “there is a lot of promise there. But organisations have found that the value of their device is really only as strong as the ecosystem that surrounds it.”

This is particularly true of wearables, as consumers look to show off and share their fitness exploits on social media. But such devices require a constant connection to be able to link to the necessary sites or connections, which is where the risk comes in.

Any vulnerability or misuse of a device connecting via a workplace network could have serious consequences, O’Neill warns, potentially opening individuals and even companies (should the user have certain information linked or shared across devices) up to hacking or other forms of cybercrime.

What do you know about the Internet of Things? Take our quiz!