Personal Devices Used to Access Work Data, Regardless of Company Policy
With the bring-your-own-device (BYOD) trend growing increasingly popular, a survey released by the CTIA wireless association and conducted by Harris Interactive found that regardless of company policy regarding the use of personal devices, employees are using their own notebooks, smartphones and tablets to access work data.
Nearly half (47 percent) of consumers surveyed said they had never heard of BYOD, and only 30 percent said they were very or somewhat familiar with it. More surprisingly, IT professionals were more modest than expected, with 55 percent being very or somewhat familiar, while just over a quarter (26 percent) admitted they had never heard of it. Despite unfamiliarity with the term, when told the definition, more than half of users said they engaged in some sort of BYOD behavior.
When it comes to whose responsibility it is to keep the devices secure, both users (82 percent) and IT professionals (67 percent) say it's the user's primary duty. Regardless of a company's size, most believe it's the employee's responsibility, with 72 percent of companies with less than 500 employees and 62 percent of companies with 500 or more employees claiming so.
Employees indicated that they trust their IT departments, with 83 percent saying their smartphones are very or somewhat secure, which climbed to 85 percent for tablets. However, IT professionals were less optimistic, but still confident in their security efforts for smartphones (68 percent) and tablets (70 percent).
Despite similar BYOD incidences for companies of all sizes, the survey indicated smaller companies (fewer than 500 employees) are less likely to take action to protect employees' mobile devices and less likely to communicate the importance of protective security action to their employees. Accordingly, their concerns over BYOD risks are low, with 67 percent saying the benefits strongly or somewhat outweigh the risks.
While the percentages varied, the top five information or applications used by employees were email, calendar and scheduling, databases, company apps and directories. Users' and IT decision makers' answers varied on a number of questions in the survey, but there were several areas of agreement. Less than half (47 percent) of users said there was no formal policy at their office, which closely matched up with the 42 percent of IT experts who said there wasn't one.
When asked what the IT department has done to protect the devices, 34 percent of users say they have installed or used password or personal identification numbers (PINs) and 28 percent said anti-virus programs, while software updates (26 percent), restricted downloads (25 percent) and restricted access to certain employees (22 percent) rounded out the top five security measures.
This is similar to what IT professionals state they have installed or used: password/PINs (46 percent), anti-virus programs (38 percent), network certificates (37 percent), virtual private networks (31 percent) and restricted access to certain employees (31 percent).