BYOD Policy Posing Security Risks for Businesses

Around 72 percent of those polled require re-authentication of mobile devices after periods of inactivity, with most opting for lockout after five to 15 minutes.

byod and security

Managing mobile devices and bring-your-own-device (BYOD) initiatives is a universal challenge for corporate IT administrators, according to a MessageOps and Champion Solutions Group survey of 447 IT decision-makers across a spectrum of industries.

Organizations are nearly evenly split between those that have a formal BYOD policy (47 percent) and those that do not (53 percent).

When it comes to password policies, most organizations favor complex alphanumeric passwords of six to 10 characters.

More than three-quarters (77 percent) of those polled have policies to lock out devices after multiple failed log-in attempts, usually between three and five failed tries.

Around 72 percent of organizations require re-authentication of mobile devices after periods of inactivity, with most opting for lockout after five to 15 minutes.

The vast majority of those polled have provisions in place for expiring passwords and prohibiting the reuse of old passwords.

"Small businesses feel, on one hand, that rolling out a BYOD policy is complicated and the payoff is just not worth it," Chris Pyle, CEO of Champion Solutions Group and MessageOpstold, told eWEEK. "On the other hand, they also know that it only takes one breach and it could close their business. They realize that the prudent thing to do is to implement a BYOD policy, but finding the time and challenging their employees to adhere to the policy is where they struggle."

The report is designed to give organizations of various sizes and industry specializations a baseline for comparing their policies to peer organizations as they work to improve their mobile-security postures through stronger password and mobile-device management policies.

"Because the mobile-device management vendors are really simplifying the creation and management of BYOD devices, we are starting to see a good uptick in the adoption of BYOD among small businesses," Pyle explained. "As a matter of fact, in our recent research, we have seen that small and medium businesses are not that far behind large corporations in the roll out of BYOD."

The majority (60 percent) of those polled manage mobile environments with one to 250 mobile devices. About one in five (20 percent) handle 251 to 500 devices, and around 8 percent are responsible for mobile environments with 1,000 or more end-user devices under management.

Analyst firm IDC predicts that by 2019 nearly 2 billion smartphones will ship globally, with about 60 percent of them being used in work BYOD environments.

That will push the global BYOD market to nearly $266 billion by 2019, a 200 percent jump in just six years, according to MarketsandMarkets research.