The Risks of BYOD

Travelers umbrella logo.
By Travelers Risk Control
2 minutes
Person standing in office looking at a tablet

Employees at companies of all sizes, either through their own volition or due to corporate requirements, are engaging in bring your own device (BYOD) programs in ever greater numbers. Many of these employees continue to work at home, beyond the traditional workday, on personal laptops, tablets and smartphones as the work and personal life divide continues to blur. Companies, once resistant to BYOD programs and their inherent risks, now embrace the increased collaboration, productivity and cost savings that BYOD allows.

According to a recent survey of global CIOs, half will require employees to supply their own devices by 2017.¹ Companies that do not take a proactive approach to managing the use of personal devices face growing risks, as costs associated with data losses, privacy breaches and other cyber threats continue to rise.

Yet, only 39% of companies have a BYOD policy in place, according to another recent study.² One in five employees surveyed reported that they were not aware whether or not their company had a formal policy in place, suggesting a need for increased training and communication.

Establish a Formal BYOD Policy

  1. Determine what and how devices are used. Your policy can specify the type of devices that are allowed to be used, how employees may use the devices to connect to corporate networks (e.g., through a secured wi-fi connection), and what applications are approved for use, including downloadable apps and cloud-based tools.
  2. Set expectations. Your policy can specify that the company has no responsibility for lost or damaged personal devices or employee injury from misuse of a personal device. The policy can also restrict the type of data that can be transferred to personal devices, and establish protocols for data synchronization and backup.
  3. Establish requirements. The policy can require employees to install the latest operating system updates, corporate-designated anti-virus software, encryption software and remote data-wiping capability.

Conduct Regular Employee Training

  1. Share best practices for data security. Employees should understand all of the elements of the corporate BYOD policy and also realize the exposure to risk and consequences of failing to follow the required precautions.
  2. Set training goals. After training, employees should know how to access appropriate corporate data from their personal devices, understand which applications are risky and which are safe to use, know how to separate work and private data on their devices, and know which type of work activities are appropriate for BYOD.

Manage BYOD Risks

  1. Vet personal devices and applications. Companies should review devices and apps for potential risks, with an eye toward striking a balance between restrictions to protect the corporate network and flexibility that will allow employee productivity.
  2. Update corporate network protection for personal devices. Steps include requiring a two-step process for authentication to access the corporate system that recognizes both the device and the person using it. Put software tools in place to allow remote wiping of data, scanning for malware and data leakage and archiving of corporate data.

Another important tool to protect your business is cyber security insurance, specialized policies that offer coverages such as errors and omissions, network and information security and medial liability to address cyber exposures.

Professionals in lab coats working with text tubes in a lab.

Top Stories

Risks Facing Pharmaceutical Companies, from Trials to Commercialization

As pharmaceutical companies grow and transition to commercial production operations, they can address the risks they face with planning and insurance coverage.

Related Products & Services

We understand the complexity of cyber threats and have cyber liability insurance solutions to help protect your business assets.

Identity fraud can happen to anyone. Learn how Travelers identity fraud expense reimbursement coverage can help if you are a victim of identity fraud.

More Prepare & Prevent

Managing Your Intellectual Property (IP)

Managing intellectual property can help prevent unintentionally using unlicensed software. Learn more about intellectual property management from Travelers.

Employees talking about managing intellectual property

More Prepare & Prevent

How High-Tech Manufacturers Can Prepare for Global Risks

Operating internationally brings new business risks, from global product liability to supply chain interruption. Learn about global risk management.

High-tech manufacturer looking through microscope.

More Prepare & Prevent

5 Shadow IT Practices That Put Technology Companies at Risk

Shadow IT can leave the virtual door open to hackers and cyber thieves. Learn five common risks and how you can help avoid them.

Shadow IT practice of using a USB on a laptop.

Small Tech

Small business technology services industry insurance

Travelers also offers small business solutions to help you protect and grow your business.