BYOD Programs Pose Security Risk for Businesses
Organizations that adopt bring your own device (BYOD) programs without implementing mobile management policies could be exposing to security risks and resultant data losses. A survey of 4,000 full-time employees by technology consulting firm Ovum found that while nearly 70 percent of all smartphone-owning professionals are using their personal device to access corporate data, 80 percent of BYOD activity remains inadequately managed by IT departments.
The survey found nearly half of the respondents’ employers’ IT departments either did not know of BYOD or were ignoring its existence, operating a “don’t ask, don’t tell” policy, while just 8.1 percent actively discouraged it. Levels of ignorance by IT were significantly higher in mature economies with more rigid working practices, for instance Europe, when compared with high-growth economies such as Brazil, India and South Africa.
“Despite much speculation, BYOD is here to stay. Therefore, it’s worrying to see evidence of such a high proportion of businesses burying their head in the sand when it comes to planning adequately for it,” Ovum senior analyst Richard Absalom said in a statement. “BYOD multiplies the number of networks, applications, and end-points through which data is accessed. These are the three main points at which data is vulnerable; so, if left unmanaged, BYOD creates a huge data security risk.”
Ovum’s research shows that 50 percent of employees said privacy concerns would stop them accessing their own personal apps on a corporate provisioned smartphone. For half of all employees, a corporately provisioned smartphone or tablet is not a perfect substitute for a personally owned device, indicating the consumerization of IT is playing a role not only in the way the mobile workforce develops, but how IT departments are going to manage security for a wide range of devices.