The study explored concerns around Bring-Your-Own-Device (BYOD) programs. Key findings included:
BYOD is here to stay, like it or not: Eighty-eight percent of respondents said their companies had some form of BYOD, whether sanctioned or not.
Current BYOD approaches provide security at the expense of privacy: Survey participants found current security approaches, such as MDM too intrusive. When specifically speaking to MDM, 77 percent of respondents had strong negative words to describe their feelings about the use of the software, including “I don’t care for it,” “Violated!” and “Not acceptable.”
BYOD brings rampant use of insecure cloud services like Dropbox: Sixty-six percent of respondents said that they or their companies used some service like Dropbox to store their data. These commercial cloud storage and backup providers can present security risks to corporate data, since data is in the hands of a third party. Even when cloud repositories are encrypted, it's often that third party—not their customers—who hold the encryption keys.
“BYOD is one of the most important directions in enterprise IT, with enormous potential benefits in productivity and cost savings,” said Craig Mathias, a principal with the wireless and mobile advisory firm Farpoint Group. “But, as this survey reveals, BYOD isn’t just about securing or even managing mobile devices. There are major requirements in consciousness-raising, policy definition and enforcement, and end-to-end solutions that include not just devices, but the enterprise data they increasingly contain.”
Despite the fact that most survey respondents were IT personnel, about one-third reported having no BYOD policies in place. Ten percent admitted to not knowing whether their companies even had BYOD policies.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.