BYOD Security a Major Issue for Small Businesses: Trend Micro

A survey sponsored by Trend Micro suggests bring your own device (BYOD) programs are lacking in adequate security.

As organizations continue to adopt bring-your-own-device initiatives, which allow employees to use personal mobile devices to connect to the company network, these businesses are potentially opening themselves up to security breaches, according to a survey of more than 100 small and midsize business IT security providers during June and July 2012, which was sponsored by cloud security specialist Trend Micro and conducted by Osterman Research.

The survey found the typical SMB employee uses a number of endpoint devices, such as a desktop computer, notebook, tablet, smartphone and home computers with various applications on them. These multiple access points can also be opening through which malware can enter the organization's network. According to the report, cyber-criminals employ multiple compromised endpoints and social networking sites to infect a wide range of targets, including the most popular mobile devices such as those running Google Android and Apple iOS.

During a typical month, 4.3 percent of endpoints become infected, which translates to an infection rate of 52.1 percent annually, according to survey results, with a growing number of organizations reporting security violations through their use of Web and email. The survey revealed that between 2007 and 2012 there was a 35 percent growth in Web violations and a 12 percent growth in email violations, including malware, phishing and related types of attacks.

These attacks often translate into down time or hours wasted trying to secure the network or device: Osterman Research found that it takes a mean elapsed time of 72 minutes to remediate a single endpoint, and 5.2 percent of IT staff time during a typical week is spent on email security management. This, in turn, drives up the cost of IT labor. The survey found that each IT staff member supports only 33 endpoints, resulting in a total IT labor cost of $2,400 per endpoint or $79,200 per year.

On the platform side of things, the survey found Android usage gained the largest increase among SMBs, with the number of Android devices being used in SMBs increasing 7.1 percent from 2011. The number of Apple iPhones being used in SMBs increased 3.1 percent, while usage of the company's popular iPad tablet has increased 1.9 percent from 2011.

BYOD security is becoming a major issue for IT departments of all sizes-Trend Micro's report is the latest in a long line of surveys indicating businesses are not prepared for the damage a data breach through an unsecured endpoint can cause. According to a recent survey conducted by Coalfire, an IT governance, risk and compliance services company, the majority of individuals are remain lax when it comes to mobile device security, especially how they store password; 47 percent of respondents have no passcode on their mobile phone, even though 84 percent of individuals stated they use the same smartphone for personal and work usage.