Mobile boom turns BYOD into unmanaged risk

Pro
Image: StockXpert

7 June 2013

The challenge of securing mobile devices is starting to overwhelm some IT departments, with many being left in an unmanaged despite the risks of data loss and rising costs of incidents, a global survey by Check Point has found.

It would be easy to dismiss yet another survey on mobile data security as ambulance chasing by a security company, but Check Point’s interrogation of 790 IT professionals in the US, Canada, UK, Germany and Japan (across a range of sizes) revealed a perfectly plausible degree of chaos.

First the numbers with nearly half of those questioned described a fivefold increase in mobile devices compared to two years ago.

BYOD probably explains mush of this surge with 67% saying that regardless of size their organisations recorded personally-owned devices connecting to their networks. A curious 2% even said that they only had personally-owned devices on their networks.

The bottom line is that networks are suddenly inundated with mobile devices, particularly harder-to-manage ones such as tablets and smart phones.

Most think this is a problem, with two thirds worried about the risks to corporate data and the physical resources that live on them posed by the BYOD boom.

Surprisingly given this worry, a nearly identical 63% stated that they had no policy for managing the data on privately-owned devices, although this was far less true for larger organisations.

Looking at organisations with under 1,000 employees, only 17% had some form of “technical approach” to managing data on BYOD.

The most common form of data held on BYOD devices was business email (88%), contact information (74%), and a corporate calendar (72%). Customer data was also present in just over half of the time.

The survey found clear evidence that security incidents on mobile devices can be expensive, with 16% of respondents mentioning a total cost of $500,000 (€379,900) or higher. A further 26% pegged it at somewhere between $100,000 and $500,000.

This probably is not as alarming it sounds; any large organisation is going to face significant costs from the loss, damage or theft of mobile devices. Most of the time, employee incompetence was seen as a greater risk than that from cybercriminals.

“Without question, the explosion of BYOD, mobile apps, and cloud services, has created a herculean task to protect corporate information for businesses both large and small,” said Check Point’s security researcher, Tomer Teller.

So why are so many organisations not managing data on employee devices? The answer seems to be a lack of affordable tools, a particular issue for smaller firms.

“Companies have been overwhelmed by BYOD, and they are evidently still trying to get to grips with the problem – especially firms with 1000 employees or less,” said Teller.

“I believe part of the reason is that smaller companies will typically have fewer IT resources available to audit what personal devices are in use and manage and secure corporate data on them, and they also may not be fully aware of the tools and policies that can help them control this issue,” he said.

IDG News Service

Read More:


Back to Top ↑

TechCentral.ie