August 31, 2012
Employees in all industries are embracing the bring your own device movement. Businesses support this growing trend because it can increase productivity and allow employees to work from anywhere. However, companies are failing to enforce their BYOD data loss prevention measures.
According to a recent survey conducted by Coalfire, employees and their employers are not following BYOD rules. Smartphones, tablets and notebooks are being used for both personal and work purposes, but they fail to have the proper security measures.
Some organizations don't perceive the lack of BYOD education and security controls as a big deal, according to eWeek's Nathan Eddy. Forty-nine percent of respondents to the survey said IT never discussed mobile security with them and 51 percent said that their companies do not have the capabilities to wipe information off of their personal devices.
Employees who use personal devices at work are potentially engaging in risky behavior when they access sensitive information. Thirty percent of respondents said they could access confidential data, while 16 percent weren't sure if they could.
Other employees are working around the IT security controls to get corporate data. According to a survey conducted by iPass, 25 percent of mobile users employ a workaround to access information, either because IT was too slow, they needed to access something immediately or it was too much of a hassle to deal with IT.
Passcodes and security
Some organizations that rely on keeping information private are unnerved by the lack of BYOD education. Health centers specifically are worried about potential data breaches that could violate HIPAA guidelines, according to mHiMSS' Eric Wicklund.
“The results of this survey demonstrate that companies must do much more to protect their critical infrastructure as employees work from their own mobile devices, such as tablets and smartphones, in the workplace." said Rick Dakin, CEO and chief security strategist at Coalfire.
Experts recommend using a password as a form of protection to turn on a personal device. Three out of four workers use a passcode, according to iPass. However, passcodes are known by IT departments as a simple form of security that can be easily cracked.
IPass recommends enforcing a BYOD security plan to avoid any possible breaches. Companies should also communicate with their employees and clarify rules. As long as BYOD remains a popular trend among professionals, IT departments should take the necessary cloud security measures.
-McAfee Cloud Security