From BYOD to PYOD: Protect Your Own Device

During the last 5 years we have seen an exponential increase of smart working and therefore practices bounded to it, such as BYOD (Bring Your Own Device). The acronym often brings up some controversy when brought up… Why?

With ‘BYOD’ we mean the usage of personal devices to access work applications and services, for example to manage resources, monitor online activity or execute maintenance on informatic systems and more.

This radical change brought the need of re-organizing the way we think about our jobs. From the employee point of view, work-life balance improved thanks to a more flexible way to manage day-to-day activities and the reduced commuting.

The employer instead, gains benefit from increased productivity (A study conducted by PwC in 2020 states that 52% of employers noticed an increase in productivity), because of a reduction in everyday office interruptions, leading to improved focus.

Although, what is the impact of using personal devices to work, on company assets and sensible data of every affiliated figure?

Law evolution on sensible data online

Personal devices, other than a way to carry out daily activities, are also a mean od self-expression. They are used to exercise one’s intimate curiosity, and this characteristic collides with some of the safety procedures aimed at protecting the business along with the individual accessing to its services. As a result, there were implemented legislations directed to regulate the working environment security to protect information.

Regulations and politics on privacy gain shape following their country cultural inclinations, the GDPR in Europe and the CCPA in California, to name a few.

Companies operating in those countries must follow the basic principles of the regulation, built on the following cardinal points: Informed consent, minimisation, separation, deletion, and safety of data.

Following these motives, technology had to adapt to regulation changes on the matter, developing solutions compliant to both the policies terms and the higher standard of protection against the latest generation of hacker attacks.

Protection systems evolved too, following basic needs such as encrypted connections to companies’ networks, means of secure and privileged access or monitoring connections in and out the used devices to notice, identify and promptly react to potential data violations.

The true challenge introduced by the new informatic paradigm though, is not carried out through only the accomplishment of compliances to policies and the protection of the company reputation, but first and foremost through the protection of the freedom of the most important company assets: The employee, in all his authenticity.

The challenge nobody talks about

These technologies should make jobs safer, but the landscape keeps getting confused between the sensations of ‘control’ felt by the employees toward their company, as to follow legal and moral regulations it tries to find the right balance between the consolidation of one’s safety and the safeguard of their freedom.

Regarding the practices of using a personal device to work, we need to consider that the employee digital life coexists in the same tool used to carry out company activities.

Private life and the freedom to exercise one’s own truthfulness are essential values that everybody should keep untouched. In many realities instead, people are forced to be analysed at every click, at every second of their working day, and in case of application installed on the PC, even more!

The psychological impact on people, when they feel sensations of deep scrutiny on their businesses, is not equivalent to the concept of ‘protection’…. But rather of ‘imprisonment’.The situation can only result in a drastic effect on every company asset, starting with the biggest and most important investment made by an organization: the employees.

This is not acceptable anymore, in a world evolving towards personal integrity and the dignity of being able to preserve one’s own unicity, values, thoughts and challenges.

The solution

Oplon Secure Access finds a rather interesting meaning under the light of this matter, as the products usage is limited to the exclusive use of one of any browser window, restricting activity control and monitoring needed for security reasons to the window alone, without impacting in any way on the freedom of employees.

The elimination of downloads and agent installations, the complete separation of working activities from personal businesses and the complete monitoring of activity only and just on working environment, assure the total compliance to GDPR policies in an innovative, light and simple way for both the company and the employee, finally transforming a confused and unsecure practice such as BYOD, into PYOD: Protect Your Own Device.