BYOD Trend Exposes Corporate IT, Warns Fortinet

secure smartphone chain lock unlock

The bring-your-own-device (BYOD) trend is exposing businesses to new security risks says Fortinet

A new survey from network security specialist Fortinet has reiterated the potential security risks to corporate IT networks from the bring-your-own-device (BYOD) trend, which is gaining increasing traction in the workplace.

The poll, conducted in 15 territories during May and June 2012, asked more 3,800 active employees in their 20s about their perspectives on BYOD, its impact on their work environment and their approach to personal and corporate IT security, and found one in three respondents said they would contravene a company’s security policy that forbids them to use their personal devices at work or for work purposes.

Personal Apps

Survey results indicted the primary driver of the BYOD practice is that individuals can constantly access their preferred applications, especially social media and private communications, and this next generation of decision makers and managers is increasingly viewing the use of personal devices in the workplace as a right, rather than a privilege.

Nearly three-quarters (74 percent) of respondents across all territories already regularly engage in the practice, the study found.

While 42 percent of the respondents believe potential data loss and exposure to malicious IT threats to be the dominant risk, suggesting the first generation of BYOD workers understands the risks BYOD poses by to their organisations, this risk awareness does not prevent those workers from bypassing corporate policies. India had the highest number of respondents who were willing to contravene a corporate policy banning the use of personally owned devices for work purposes, where 66 percent admitted they have or would do so.

When it comes to policies banning the use of non-approved applications, 30 percent said they would also contravene policy to use them, and 69 percent of respondents confirmed they are interested in “bring your own application” (BYOA), where users create and use their own custom applications at work. While this indicates other areas where organisations are at risk, two-thirds (66 percent) of respondents consider themselves – not the company – to be responsible for the security of the personal devices they use for work purposes.

Challenges Ahead

“The survey clearly reveals the great challenge faced by organisations to reconcile security and BYOD,” Patrice Perche, vice president of international sales and support for Fortinet, said in a prepared statement.

“While users want and expect to use their own devices for work, mostly for personal convenience, they do not want to hand over responsibility for security on their own devices to the organisation,” it said.

“Within such an environment, organisations must regain control of their IT infrastructure by strongly securing both inbound and outbound access to the corporate network and not just implement mobile-device management, or MDM. Organisations cannot rely on a single technology to address the security challenges of BYOD. The most effective network security strategy requires granular control over users and applications, not just devices,” Perche continued.

How much do you know about smartphones? Take our quiz.