BYOD exceptions expose Aussie organisations to data security vulnerabilities: Acronis

Summary:Most companies don't have a BYOD policy, and of those that do, a quarter give C-suite executives special treatment, according to a survey by data backup vendor Acronis.

C-level executives that get special treatment when it comes to bring-your-own-device (BYOD) policies are exposing their organisations to security risks, according to data backup vendor Acronis.

In Acronis' 2013 Data Protection Trends Research report, the vendor surveyed over 4,300 IT professionals across eight countries, with 390 of them in Australia.

According to the report, 57 percent of Australian organisations do not have a BYOD policy, and 33 percent don't even allow personal devices to access the corporate network. For the rest that do allow BYOD, 27 percent of them give exceptions to BYOD policies to C-level executives.

"Often, the exceptions are made for C-level executives because they want to have certain availability and access to data," Acronis sales manager for Australia and New Zealand Simon Howe told ZDNet. "But typically, you would imagine the C-levels will have the most critical data and giving them exceptions to BYOD policies are a security risk."

Giving employees a chance to bypass BYOD policies, particularly with more senior-level representatives, is an open invitation for data loss and serious compliance issues, according to the vendor.

"There shouldn't be any exceptions at all," Howe said.

Australian organisations have been found to be rather lax with implementing basic IT security measures, as well.

Only 31 percent of local companies mandate device passwords or key locks on personal devices, and a paltry 15 percent perform remote wipes on employee devices when they depart from the business.

Educating employees on BYOD is also critical for protecting organisations from security breaches. Around 79 percent of Australian companies haven't educated their staff on BYOD privacy risks at all.

"One of the first steps companies can do that don't yet have BYOD is to simply just train staff on the appropriate use of data on those mobile devices," Howe said.

Topics: Security, Australia

About

Spandas forayed into tech journalism in 2009 as a fresh university graduate spurring her passion for all things tech. Based in Australia, Spandas covers enterprise and business IT.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.