BYOD Causing Security Headaches for Businesses

Of the IT executives surveyed by Check Point, 42 percent noted that mobile security incidents cost their organizations more than $250,000.

byod and mobile security

The vast majority (95 percent) of businesses face challenges with securing and supporting bring-your-own-device (BYOD) programs, strongly indicating the need for more robust security solutions for personal devices tied to the corporate network, according to a Check Point Software survey of more than 700 IT professionals.

Of the security professionals surveyed this year, 82 percent expect the number of security incidents to grow in 2015.

IT professionals report that the most common challenge faced by IT organizations in adopting a BYOD policy is securing corporate information (72 percent), followed by managing personal devices that contain corporate and personal data and applications (67 percent), and tracking and controlling access to corporate and private networks (59 percent).

This year, businesses also saw an increase in remediation costs for mobile security incidents. Of the IT executives surveyed, 42 percent noted that mobile security incidents cost their organizations more than $250,000.

"BYOD continues to grow at a fast clip—no longer can organizations say we aren't doing BYOD," Juliette Rizkallah, Check Point's vice president of global marketing, told eWEEK. "I think businesses realize that they need a long-term strategy around BYOD and are trying to assess which mobile solution blends best with their overall security infrastructure."

The risk from Google Android-based devices increased from 49 percent in 2013 to 64 percent this year, as the platform with the greatest perceived security risk—as compared with Apple, Windows Mobile, and BlackBerry.

Additionally, nearly all of the respondents (98 percent) expressed concern about the impact of a mobile security incident, with the greatest concern being the potential for lost and stolen information.

Worryingly, the study found 87 percent of surveyed professionals believed that the greatest security threat to mobile devices was careless employees. Nearly two-thirds of the respondents believed that recent high-profile breaches of customer data were likely due to employee carelessness.

Despite careless employees as the weakest link into businesses, 91 percent of IT professionals saw an increase in the number of personal mobile devices connecting to their networks over the past two years.

In 2014, 56 percent of those surveyed managed business data on employee-owned devices, up from 37 percent in 2013.

IT professionals were also asked if mobile devices, such as smartphones or tablets, were allowed to connect to their corporate networks.

Most reported broad use of mobile devices within their organizations, with 95 percent saying that they had mobile devices connecting to corporate networks, including 74 percent who allowed both personal and company-owned devices, 20 percent who allowed only company-owned mobile devices, and 1 percent who had only personal mobile devices.

Not a single dedicated security professional indicated that they expected the number of mobile security incidents to decrease this year, although among all IT professionals, including those for whom security was only part of their job, 7 percent felt that the steps they were taking to ensure security would decrease the number of security incidents.

"I think that the statistic is that 87 percent of employers believe employees are a greater threat than hackers was the most surprising result. It reinforced the need we were seeing in the market for a solution that not only protects an organization but also enables employees to do what they need to on their devices without worrying that they are leaking sensitive information, accessing malicious Websites," Rizkallah said. "Employee education and technology need to work synergistically to combat mobile security issues and concerns."