Privacy Breaches Top List of BYOD Concerns: Report
Highlighting the growing concern over bring-your-own-device initiatives, IT pros said they might be concerned about the privacy of their personal information if mobile-device-management, or MDM, software were to be installed on phones or tablets they brought from home to use at work, according to the results of a survey of 335 IT professionals sponsored by MokaFive and conducted through an independent survey firm.
Survey results also indicated businesses are unprepared for dealing with the growing BYOD trend. Although most survey respondents were IT personnel, about one-third reported having no BYOD policies in place, and 10 percent admitted to not knowing whether their companies even had BYOD policies. However, 88 percent of respondents said their companies had some form of BYOD, whether sanctioned or not.
BYOD is one of the most important directions in enterprise IT, with enormous potential benefits in productivity and cost savings, Craig Mathias, a principal with the wireless and mobile advisory firm Farpoint Group, said in a prepared statement. But, as this survey reveals, BYOD isnt just about securing or even managing mobile devices. There are major requirements in consciousness-raising, policy definition and enforcement, and end-to-end solutions that include not just devices, but the enterprise data they increasingly contain.
Along with personal devices, BYOD programs also bring exposure to unsecure cloud-based services such as DropBox or Box, with 66 percent of respondents saying that they or their companies used some service like Dropbox, which was the most popular cloud service in use with 73.6 percent, to store their data. Apple iCloud was the second most used cloud service, with 50.2 percent, followed by Google Drive, with 40.3 percent. Microsoft SkyDrive (34.3 percent) and Box (22.4 percent) rounded out the top five.
These commercial cloud storage and backup providers can present security risks to corporate data, since data is in the hands of a third party, the report noted. Even when cloud repositories are encrypted, it's often that third partynot their customerswho hold the encryption keys.
Furthermore, IT professionals said current platforms to secure personal mobile devices, such as MDM technologies, are too intrusive. Implementation of MDM software brought about a widely negative response from those surveyed, with 77 percent saying MDM software was unacceptable, unpalatable or left them feeling violated.
Just 17.8 percent reported having full-disk encryption of personal devices, while 28.3 percent reported implementing two-factor authentication policies. The vast majority (63 percent) reported using a virtual private network (VPN) to secure personal mobile devices in the workplace. Nearly a third (31.8 percent) said they didnt have a policy concerning data ownership on personal devices, though 57.1 percent said they did have a policy in place, while 11.1 percent didnt know.