The risks of BYOD policies for businesses

A survey published this week indicates that The majority of IT and IT specialists believe their companies do not use tools or policies to protect corporate data from risks arising from Bring Your Own Device (BYOD) policy.

The research, which was conducted by the by the Ponemon Institute for Zix Corporation shows that 60 percent of IT professionals are unsatisfied with current BYOD solutions, mostly due to cost and inadequate security.

The report shows that 56% of IT managers claim their companies are looking to replace their current BYOD security solution. Moreover, an alarming 46%, those working in companies that support BYOD, said they do not use tools or policies to protect corporate data.

It is also interesting to note that 28% of respondents said that their companies have limited BYOD deployment due to and inadequate security tools (28%), while 37% answered that their companies use mobile device password policies only.

BYOD is clearly on the rise but organization using such policy should remember that risks include:

  • Smartphones and tablets are easy prey for thieves and people often lose their phones or leave them unattended in public places
  • Devices are personally owned, changing employee expectations about privacy and security.
  • Employees take work off-premises: A Harris Interactive Poll (2011) found that more than 50 percent of employees use portable devices (smartphones, tablets, laptops, and flash drives) to take sensitive information outside company facilities.
  • Employees are liable to copy data from the corporate network onto their personal devices even when told not to.
  • Employees value convenience more than security and if a security policy is overly cumbersome or inconvenient, employees will find a way around it.
  • Lack of effective tools to enforce a secure BYOD setup.