Unmanaged BYOD Poses Security Risk, Ovum Warns

Organisations are yet again being warned that if they opt for ‘bring-your-own-device’ (BYOD) programs without implementing proper mobile management policies, they could be exposing themselves to security risks and possible data losses.

A survey of 4,000 full-time employees by technology consulting firm Ovum found that while nearly 70 percent of all smartphone-owning professionals are using their personal device to access corporate data, 80 percent of BYOD activity remains inadequately managed by IT departments.

BYOD Ignorance

The survey found nearly half of the IT departments of the respondents’ employers either did not know of BYOD or were ignoring its existence, operating a “don’t ask, don’t tell” policy, while just 8.1 percent actively discouraged it. Levels of ignorance by IT were significantly higher in mature economies with more rigid working practices, for instance Europe, when compared with high-growth economies such as Brazil, India and South Africa.

“Despite much speculation, BYOD is here to stay. Therefore, it’s worrying to see evidence of such a high proportion of businesses burying their head in the sand when it comes to planning adequately for it,” Ovum senior analyst Richard Absalom said in a statement. “BYOD multiplies the number of networks, applications and endpoints through which data is accessed. These are the three main points at which data is vulnerable; so, if left unmanaged, BYOD creates a huge data security risk.”

Ovum’s research shows that 50 percent of employees said privacy concerns would stop them accessing their own personal apps on a corporate-provisioned smartphone. For half of all employees, a corporately provisioned smartphone or tablet is not a perfect substitute for a personally owned device, indicating the consumerisation of IT is playing a role not only in the way the mobile workforce develops, but how IT departments are going to manage security for a wide range of devices.

“The way people work will have a profound effect on how BYOD is rolled out and managed within an organisation. As such, it’s imperative that IT departments act quickly to develop and implement clear policies governing BYOD,” Absalom continued. “BYOD can provide an added advantage in terms of productivity and efficiency but to do this it will be important to get the right blend of process, policy, people and technology management.”

Many Warnings

Ovum’s report is the last in a spate of surveys this year highlighting the risks BYOD programs without structured use policies can pose to an organisation.

A September study from telecom and IT services provider Grudi Associates suggested security is a major downside risk to BYOD initiatives, with data protection, human resources issues, compliance regulations and employee-usage policies all potentially complicating BYOD initiatives and eroding whatever cost advantage the program would produce.

A Trend Micro report released in September raised similar concerns. Cyber-criminals employ multiple compromised endpoints and social networking sites to infect a wide range of targets, including the most popular mobile devices such as those running Google Android and Apple iOS, according to the study.

During a typical month, 4.3 percent of endpoints become infected, which translates to an infection rate of 52.1 percent annually, according to survey results, with a growing number of organisations reporting security violations through their use of the Web and email.

How much do you know about smartphones? Take our quiz!

Originally published on eWeek.

Nathan Eddy

Nathan Eddy is a contributor to eWeek and TechWeekEurope, covering cloud and BYOD

Recent Posts

Google Jarvis AI Extension Leaked On Chrome Store

Seemingly accidental leak reveals Google is developing Jarvis AI extension that can browse the web…

2 days ago

Amazon Mulls New Multi-Billion Dollar Investment In Anthropic – Report

Amazon is reportedly in talks to pump billions of dollars more into AI start-up Anthropic,…

2 days ago

FTX’s Caroline Ellison Begins Her Two Year Prison Sentence

Star witness for the US prosecution of FTX founder Sam Bankman-Fried, has begun her two…

2 days ago

More Layoffs For iRobot Staff After Abandoned Amazon Deal

After axing 31 percent of its workforce when it failed to be acquired by Amazon,…

3 days ago

Mozilla Foundation Confirms Layoffs, Eliminates Advocacy Division

Mozilla Foundation axes 30 percent of its staff, and is eliminating its Advocacy Division that…

3 days ago

Google To Make MFA Mandatory Next Year

Improving security. Mandatory multi-factor authentication (MFA) is coming to the Google Cloud by the end…

3 days ago