8. Data Security Concerns Raised by ‘Bring Your Own Device’ in Corporate Organisations’ Hybrid and Remote Work Environments in Nigeria

Rotimi Ogunyemi, Technology Lawyer; Managing Partner, Johnson & Wilner LLP, Nigeria (Formerly Bayo Ogunyemi & Co.); President, Spindlar Cyberlaw Centre (Lagos, Nigeria); linkedin.com/in/rotimiogunyemi

Akintunde Idowu, Intellectual Property and Information Technology Lawyer, Johnson & Wilner LLP, Nigeria. linkedin.com/in/akintundeidowu

The perceived benefits of increased productivity, employee efficiency and work flexibility have given rise to the phenomenon known as ‘bring your own device’ (BYOD), which permits employees of an organisation to complete their tasks or processes on their own personal devices. The COVID-19 pandemic accelerated this trend, particularly as the shift to hybrid and remote work intensified. Major organisations have pushed for the adjustment of their personnel, procedures and cultures to the new reality. The fact that employees can access organisational data from their own devices at any time and from any location increases the likelihood of unauthorised access to corporate data. Finding secure technologies for conducting confidential meetings in a remote workspace and managing confidential data outside of a remote location has been difficult. The vulnerabilities include, among others, phishing email attacks, unauthorised access through insecure remote-access tools and hacking of video conference tools. As remote work tools must be protected, periodic risk assessments and routine monitoring are required to safeguard the privacy and integrity of an organisation’s information assets and resources.

This paper seeks to investigate the role of cybersecurity in general; data privacy and security challenges posed by BYOD using Nigeria as a case study; cybersecurity policy recommendations for remote and hybrid work; and the implementation of a secure BYOD structure.