BID Daily Newsletter
Jan 29, 2016

BID Daily Newsletter

Jan 29, 2016

Cooking Up A BYOD Plan

A few years ago, Slate magazine concluded that The Swedish Chef, the Muppet well-known for his nonsensical speech, overgrown eyebrows and bushy mustache, may actually be speaking Norwegian. This was welcome news for some Swedes, many of whom are annoyed about their forced association with the character whose kitchen antics include slam-dunking a chicken into a basketball hoop and lobbing meatballs at the audience with a tennis racket. Despite the article's assertions, the controversy continues to rage.
Times certainly do change. Consider that if Muppet creator Jim Henson were alive today, it's doubtful this character (a parody of television chefs) would pass muster with the PC police. In similar fashion, attitudes have shifted when it comes to banks and other companies having a "bring your own device" (BYOD) policy allowing employees to work and use their personal devices for work purposes.
Research by IT trade association CompTIA bears that out. It finds that in 2013 when BYOD was all the rage, only 34% of companies did not allow it. However, that percentage increased to 45% in 2014 and 53% in 2015. In other words, in just 2 short years, companies that don't allow BYOD (i.e. provide smartphones and tablets to employees and ban the use of personal devices for work) has jumped 56%. That same research found key factors for the shift are due to increased corporate concern over security risks and the ability for employees to easily save pictures and personal information in the cloud (so the physical phone is less important).
Offsetting this perspective is a survey by the Information Security group on LinkedIn. It found: 86% of businesses will allow employees to access email on their personal devices and 60% allow employees to access enterprise data. This is supported by other research by Tech Pro that finds 74% of organizations either already allow or plan to allow employees to bring their own devices to work.
There are, of course, advantages to the BYOD movement as well as risks. Doing so may save your bank money on hardware and service costs, but it can also add burden to your IT department to support all these devices. BYOD also offers flexibility to workers and may increase productivity. At the same time, however, banks must deal with the nettlesome issue of how to safely incorporate the concept of BYOD into the workforce.
As there are benefits to BYOD there are also risks. In fact, one lead regulator once told us that BYOD means "bring your own danger." This perception is common when you consider research from a variety of places as follows: 5.2mm smartphones are lost or stolen each year in the US (Consumer Reports); mobile devices rank #1 at the top of the list of weakest security links, followed by social media (CyberEdge Group); 2,000 or more on average unsafe or malicious apps are installed on large company employee mobile devices (Veracode) and 75% or more mobile apps fail basic security tests (Gartner). For banks, the risk may not offset the benefit, so many just outright ban BYOD as research continues.
This approach may not solve things though, as human behavior on any device can be risky. Consider a study by Absolute Software that finds: 64% of millennials use their employer-owned device for personal use vs. 37% of baby boomers. What's more, 27% of millennials access content deemed not safe for work vs. 5% of baby boomers.
Like ruminations over the Swedish Chef's verbiage, we expect discussions on bank BYOD programs to continue. The best approach is to do your research, consider multiple sources, understand the risks and benefits and then make a decision that supports business and the health of the bank, its employees and its customers.
Subscribe to the BID Daily Newsletter to have it delivered by email daily.