BYOD Programs Pose Security Risk for Businesses: Ovum
Bring your own device (BYOD) initiatives may be here to stay, but businesses are at risk from security threats if they don’t manage devices properly.Organizations that adopt bring-your-own-device programs without implementing mobile management policies could be exposed to security risks and resultant data losses. A survey of 4,000 full-time employees by technology consulting firm Ovum found that while nearly 70 percent of all smartphone-owning professionals are using their personal device to access corporate data, 80 percent of BYOD activity remains inadequately managed by IT departments. The survey found nearly half of the IT departments of the respondents’ employers either did not know of BYOD or were ignoring its existence, operating a “don’t ask, don’t tell” policy, while just 8.1 percent actively discouraged it. Levels of ignorance by IT were significantly higher in mature economies with more rigid working practices, for instance Europe, when compared with high-growth economies such as Brazil, India and South Africa. “Despite much speculation, BYOD is here to stay. Therefore, it’s worrying to see evidence of such a high proportion of businesses burying their head in the sand when it comes to planning adequately for it,” Ovum senior analyst Richard Absalom said in a statement. “BYOD multiplies the number of networks, applications and endpoints through which data is accessed. These are the three main points at which data is vulnerable; so, if left unmanaged, BYOD creates a huge data security risk.” Ovum’s research shows that 50 percent of employees said privacy concerns would stop them accessing their own personal apps on a corporate-provisioned smartphone. For half of all employees, a corporately provisioned smartphone or tablet is not a perfect substitute for a personally owned device, indicating the consumerization of IT is playing a role not only in the way the mobile workforce develops, but how IT departments are going to manage security for a wide range of devices.
“The way people work will have a profound effect on how BYOD is rolled out and managed within an organization. As such, it’s imperative that IT departments act quickly to develop and implement clear policies governing BYOD,” Absalom continued. “BYOD can provide an added advantage in terms of productivity and efficiency but to do this it will be important to get the right blend of process, policy, people and technology management.”