Majority of firms vulnerable to BYOD risks: survey

Organizations still ignore simple security measures and employee education amid growing BYOD adoption, with only 21 percent carrying out remote device data wipes when employees leave the company.

Despite much discussions around potential risks brought about by bring-your-own-device (BYOD) adoption, most organizations today continue to ignore simple security measures and employee education to protect their business environment. 

Watch video

Asia firms still uncertain about BYOD support

Companies in the region are unsure if, and how, they should support the use of personal devices in the office as questions dealing with data and support remain tough to resolve, note participants in ZDNet roundtable.

Read More

According to a survey released Thursday by Acronis, 58 percent of enterprises did not have proper polices in place to manage employee-owned mobile devices, including smartphones, tablets, and personal computers.

About 31 percent said their organization prohibited personal devices from accessing the corporate network. However, 24 percent said they made exceptions for executives who could potentially be handling more sensitive corporate data, noted Acronis. 

Conducted in March and April this year by the Ponemon Institute, the survey polled 4,374 IT professionals across eight countries: China, Japan, the U.K., France, Germany, the U.S., Australia, and Brazil. 

A whopping 80 percent had yet to educate their employees on security and privacy risks related to BYOD, and 67 percent did not have policies that addressed the sharing of corporate files in public clouds, via third-party storage services such as DropBox. 

Only 31 percent mandated the need for personal devices to have passwords or keylocks, while 21 percent would perform remote data wipes on mobile devices when employees left the company.

And while 65 percent of respondents said their company would support Apple Mac systems in the next 10 months, 57 percent noted compatibility and interoperability were major obstacles to ensuring these systems were compliant with their IT policies. 

Simon Howe, Asia-Pacific sales director for mobility at Acronis, said in the report: "Personal devices have permanently and positively changed the workplace, particularly in the ways employees collaborate, work remotely, and interact with company data. 

"BYOD is a huge opportunity for companies, but our research shows troubling signs of negligence in the face of these dangers," he said, adding that enterprises should implement the right policies and tools to manage the flow of data between multiple devices and environments, and ensure a secure BYOD environment.

Looking at country-specific numbers, organizations in China fared better compared to the other countries with regard to implementing device management. Compared to the global average of 58 percent, only 38 percent of Chinese respondents--the lowest among the eight countries--did not have policies to manage personal devices. German companies scored the poorest at 75 percent, followed by the U.K. at 69 percent, and Japan at 65 percent. 

Japanese respondents, though, were the strictest with 40 percent prohibiting employee-owned devices from accessing the corporate network. China was next at 35 percent, followed by Brazil at 33 percent. 

German companies were also strict observers of the rules, with only 10 percent making an exception for executives. China and Japan shared second-place at 11 percent.