Nine out of 10 senior staffers have BYOD access to corporate data

We asked ZDNet readers how much free reign their businesses allow their employees, and the results found that not only do senior staffers generally have access to whatever corporate data they like while on the go, there isn't a security policy in place half the time.
Written by ZDNet Australia team , Contributor

Almost nine out of 10 senior staff members from Australian organisations have access to corporate data on their personal mobile phones.

A recent ZDNet survey of IT decision makers within Australian organisations has found that 89 percent of businesses permit some members of their senior leadership team to access corporate data from their own mobile devices.

Breaking this figure down further, over half of all respondents (57 percent) indicated that of their senior leadership team, all or almost all (81 percent to 100 percent) possess this level of access.

Staff members that are allowed access to data. Click to enlarge.
(Image: CBS Interactive)

When it came to "less trusted" staff members, the level of access dropped, with 77 percent of respondents indicating that members of middle management have access. This figure again drops, to 64 percent, for all other staff.

The kind of data that was accessed by staff members is more restricted for financial data, with the company's financial data completely off limits 57 percent of the time, but these restraints are lower for customer and supplier data, at 44 percent and 43 percent, respectively.

The type of information that staff members have access to. Click to enlarge.
(Image: CBS Interactive)

Despite the high penetration of BYOD, the security precautions taken by respondents' organisations is lacking. About half of all respondents said that their business does not have a formal, documented security policy at all. When examining better practices, only 17 percent of all respondents said that they are certified to ISO 27001 standards. An additional 11 percent were undergoing certification at the time of the survey, but the remainder had not considered it.

Despite only half of the organisations having a security policy, it was billed by respondents as one of the top methods for controlling access; 77 percent of respondents said they use an "acceptable use" policy to outline what employees can and cannot do on their mobile devices.

The other top security measure was requiring passwords on mobile devices that connect to the network. Again, 77 percent of respondents use this to reduce risk.

Security measures that respondents have in place. Click to enlarge.
(Image: CBS Interactive)

Despite their seemingly growing popularity, the use of secure containers is one of the lowest adopted measures (28 percent) among respondents. For all of its benefits, the use of data encryption on mobile devices is also quite low (43 percent), and organisations use a mobile device management suite almost half of the time (46 percent).

The survey was conducted by CBS Interactive's insights and analytics division, and looked at the responses of over 100 IT decision makers.

Editorial standards