Majority of firms vulnerable to BYOD risks: survey

Majority of firms vulnerable to BYOD risks: survey

Summary: Organizations still ignore simple security measures and employee education amid growing BYOD adoption, with only 21 percent carrying out remote device data wipes when employees leave the company.

SHARE:

Despite much discussions around potential risks brought about by bring-your-own-device (BYOD) adoption, most organizations today continue to ignore simple security measures and employee education to protect their business environment. 

According to a survey released Thursday by Acronis, 58 percent of enterprises did not have proper polices in place to manage employee-owned mobile devices, including smartphones, tablets, and personal computers.

About 31 percent said their organization prohibited personal devices from accessing the corporate network. However, 24 percent said they made exceptions for executives who could potentially be handling more sensitive corporate data, noted Acronis. 

Conducted in March and April this year by the Ponemon Institute, the survey polled 4,374 IT professionals across eight countries: China, Japan, the U.K., France, Germany, the U.S., Australia, and Brazil. 

A whopping 80 percent had yet to educate their employees on security and privacy risks related to BYOD, and 67 percent did not have policies that addressed the sharing of corporate files in public clouds, via third-party storage services such as DropBox. 

Only 31 percent mandated the need for personal devices to have passwords or keylocks, while 21 percent would perform remote data wipes on mobile devices when employees left the company.

And while 65 percent of respondents said their company would support Apple Mac systems in the next 10 months, 57 percent noted compatibility and interoperability were major obstacles to ensuring these systems were compliant with their IT policies. 

Simon Howe, Asia-Pacific sales director for mobility at Acronis, said in the report: "Personal devices have permanently and positively changed the workplace, particularly in the ways employees collaborate, work remotely, and interact with company data. 

"BYOD is a huge opportunity for companies, but our research shows troubling signs of negligence in the face of these dangers," he said, adding that enterprises should implement the right policies and tools to manage the flow of data between multiple devices and environments, and ensure a secure BYOD environment.

Looking at country-specific numbers, organizations in China fared better compared to the other countries with regard to implementing device management. Compared to the global average of 58 percent, only 38 percent of Chinese respondents--the lowest among the eight countries--did not have policies to manage personal devices. German companies scored the poorest at 75 percent, followed by the U.K. at 69 percent, and Japan at 65 percent. 

Japanese respondents, though, were the strictest with 40 percent prohibiting employee-owned devices from accessing the corporate network. China was next at 35 percent, followed by Brazil at 33 percent. 

German companies were also strict observers of the rules, with only 10 percent making an exception for executives. China and Japan shared second-place at 11 percent.

Topics: Security, China, Bring Your Own Device, Japan

About

Eileen Yu began covering the IT industry when Asynchronous Transfer Mode was still hip and e-commerce was the new buzzword. Currently based in Singapore, she has over 16 years of industry experience with various publications including ZDNet, IDG, and Singapore Press Holdings.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

3 comments
Log in or register to join the discussion
  • Logic is sound

    It makes sense that the companies prone to making bad decisions such as BYOD also are clueless in regards to the amount of effort it takes to make it a less catastrophic decision. I'm sure this indicative of a pattern of general stupidity, and Darwinian forces will send these companies into extinction as firms led by smarter folks take their place.
    jvitous
  • thoughts

    " . . . while 21 percent would perform remote data wipes on mobile devices when employees left the company."

    Well, it's sounding a lot like it's gonna be business need for security vs employee need for control. Over a device that frankly the employee owns. It's a conflict of interest, and it's not going to go away any time soon.

    . . . and that's why I'm likely to just buy my own device rather than bring my own device.

    I'm not really sold on the idea of BYOD. I really don't think the benefits outweigh the risks.
    CobraA1
  • Enterprise Mobility Solutions - Extentia IT

    First of all, when companies start some new strategies like BYOD or similar they should prepare for that. If companies themselves can't manage or implement it they should always contact professionals. Only good preparation and implementation could lead to a successful usage of new technologies and changes in the company.
    Rahul Onmark