Bring your own device (BYOD) adoption in APAC is alive and well, and is expected to increase by more than 20 percent from 2014 to 2020, according to a study by Grand View Research. Two driving factors for this growth are reduced hardware costs and the maturation of cloud-based solutions, and the devices of choice are smartphones and tablets. What's in it for the businesses? A report from Dimensional Research cites that, for small and medium businesses (SMBs), 97 percent of the respondents found that providing their employees ubiquitous access makes them more effective, and 83 percent said that allowing employees to conduct business on tablets or smartphones would have a medium to high positive business impact.
The key to BYOD adoption is, of course, accessibility and data protection. While many people have multiple devices from which they read, create, or otherwise process information, what is appropriate for family or personal interaction may not meet the data protection needs of the enterprise or the SMB. According to a XinMSN Lifestyle article, a 2013 TechInsights report found that 39 percent of Singapore businesses list BYOD as the top mobility initiative.
Availability and Risk: A Double-Edged Sword
BYOD forces companies both large and small to confront the double-edged sword of availability and risk. The availability side of the sword is self evident: increased productivity from the "always available" employee. The risk side of the sword is equally obvious: Company data will be accessed from devices the company does not own, and the company lacks control over what is on the device and how it is used. According to a late-2013 Ernst & Young report, the top four challenges or barriers to BYOD deployment are mobile device security, data breach security, mobile data security, and mobile application security. And for good reason: A 2012 report from Kaspersky indicated that the Android operating system, currently the mobile OS with the largest market share, is being actively targeted by hackers, with 98 percent of all discovered mobile malware targeting Android devices.
The first step in implementing a BYOD program is understanding the legal ramifications and identifying any unique hurdles within the specific country the organization is located. The second step is educating the user. This is a vital step because users need to understand that a BYOD program will require a certain level of inconvenience in order to ensure the overall security of the company, whose data is sharing space on their device. Educating employees will go a long way in making sure that the company and the employees are on the same page. The third step involves adopting a management solution, which is appropriate in both cost and implementation, either through creating the solution or bringing in the off-the-shelf solution of a security vendor. The track on Mobile Security in the June 2014 RSA Conference Singapore may be an excellent resource to address all three of these issues.