BYOD Has Value Despite Risks, Says Survey

Nathan Eddy is a contributor to eWeek and TechWeekEurope, covering cloud and BYOD

Follow on: Google +

BYOD initiatives are worth the risk says a Symantec survey, so long as adequate steps are taken beforehand

A Symantec survey has confirmed that many organisations view the risks associated with the ‘bring your own device’ (BYOD) initiatives, as being acceptable.

While most organisations allow employees to use personal mobile devices for business purposes, they also accept that doing so will likely result in a mobile security incident. And although the implementation of bring your own device (BYOD) initiatives is worth the risk, IT leaders need technology to enforce policies and protect their organisations from mobile security incidents.

These are the findings of a survey of 236 Symantec Vision conference attendees conducted by the security solutions specialist.

BYOD Risks

The majority of organisations reported at least one mobile security incident within the past 12 months, with the top mobility incidents businesses experienced in the past 12 months including lost or stolen devices (60 percent), spam (60 percent), malware infections (43 percent), phishing attacks (40 percent), and exposure of confidential information (19 percent).

BYOD © IdeaStepConceptStock, Shutterstock 2012Although 70 percent of organisations reported that the benefits of mobility are equal to or greater than the risks and challenges associated with having mobile devices, 59 percent of respondents reported that their organisations do not yet give their employees the same productivity apps on BYOD and corporate-owned devices.

The survey indicated organisations treat BYOD and corporate-controlled devices differently, with 83 percent of organisations still allowing employees to use personally owned devices for business use. However, 42 percent of employees use a personally owned mobile device for business regardless of their company policy.

While a majority (80 percent) of organisations enforce their policies, only 68 percent use technology to enforce it. Surprisingly, one in ten organisations (11 percent) use human resources (HR) controls to enforce these policies, which typically means they operate on the honour system or base their enforcement on the whistle blowing of other employees.

Sixty percent of organisations said that managing mobility is a challenge for them. As a result, 90 percent turn to mobility management technology to help them secure, provision, configure and otherwise protect their organisation’s data that resides on the mobile devices of their company and employees.

Favoured BYOD Apps

The top four applications that employees use for business purposes or to access business information from their personally owned mobile devices in the past 12 months were a Web browser (72 percent), email (58 percent), contacts (56 percent) and a calendar application (55 percent).

Ninety percent of US employees used their personal smartphones for work within the past year, yet only 46 percent believe their employers are prepared for any issues that could arise from BYOD, according to a March study in which a network of Cisco partners polled 1,000 consumers.

The survey revealed that 39 percent of employee’s personal devices are not password-protected, and found just over half (52 percent) reported accessing unsecured Wi-Fi networks with their devices, a well-known vulnerability in the cyber-security industry.

The results indicated security issues go deeper than password protection and Wi-Fi access. A large number of BYOD users don’t even consider that their phones’ Bluetooth discoverable modes may still be on, and 48 percent of work smartphone users haven’t disabled the feature on their devices. If a security issue were to arise, 86 percent of workers said their employers couldn’t remotely wipe their device’s data – that includes if the device is lost or stolen.

How much do you know about smartphones? Take our quiz!

Originally published on eWeek.