BYOD, IoT, SaaS and IT compliance

While the adoption of a Bring Your Own Device (BYOD) culture can be a challenge when it comes to data security and compliance, it can also offer significant benefits in terms of cost and productivity.

A robust BYOD policy can help to address issues such as:

  • Enhanced risks to the security of sensitive data
  • The potential for data theft from disgruntled or departing employees
  • Risk associated with devices falling into the wrong hands - when users upgrade or exchange devices, for example
  • Potential for devices accessing the network with inadequate security measures in place.

We’ve already looked at how to ensure that your BYOD policies are safe and secure.

However, while BYOD may present challenges to an organisation’s IT compliance, it is not the only concept that poses risks, and the organisation’s responsibilities can be more extensive.

Staying Cyber-Secure

When staff use multiple devices, the threat of security breaches is heightened; but the threat posed by cyber-attack is multi-layered and requires attention across a company’s entire IT system.

The Cyber Security Breaches Survey 2017 found that nearly half of all UK businesses had suffered a cyber breach or attack in the past 12 months.

Cyber-crime is a threat to the livelihood of companies of all sizes and responsibility for the protection of sensitive data falls squarely on the organisation.

To remain compliant, you need to demonstrate that:

  • Security software is regularly maintained
  • Patches and updates are installed regularly
  • Periodic penetration testing is undertaken to check for weaknesses

From PC to IoT

With the onset of connected devices and the concept of the Internet of Things (IoT), sending and receiving data online is no longer confined to a PC.

While these innovations in technology bring benefits, they also come with increased data-security threats and challenges when it comes to compliance.

As greater volumes of data move across a wide array of devices, companies need to be aware of the risks and incorporate them into their security and safety policies.

SaaS compliance

This rapid evolution of technology means that maintaining IT compliance in the eyes of bodies such as the Financial Conduct Authority (FCA) is a full-time consideration.

If you are using Software as a Service (SaaS) for data management, this is akin to using a third-party resource within the business.

While the use of third parties and cloud-based services is not prohibited by the FCA, they are bound by certain regulations that need to be adhered to.

When using SaaS, you should be able to provide:

  • Demonstrable levels of robust security
  • Demonstrable data loss and recovery actions
  • A full understanding of where and how data is stored
  • Access to data at all times for both clients and legally-authorised inspectors/auditors

Understanding your responsibilities

When it comes to IT compliance, understanding your responsibilities is an ongoing and essential aspect of your business.

Concepts like BYOD undoubtedly bring challenges to securing data and staying compliant.

But it’s worth remembering that technologies such as SaaS and IoT open a business up to new vulnerabilities that need to be identified.

Only then can you ensure that your business will remain safe, secure and within the law.


Tagged with: BYOD, IoT, IT compliance, saas
