BYOD Runs Wild at Most Global Companies

More and more workers around the world are bringing their personal mobile devices to the office daily, and companies appear to be having trouble keeping up with the trend.

By John P. Mello
Thu, July 18, 2013

CSO

BYOD security, mobile security
More and more workers around the world are bringing their personal mobile devices to the office daily, and companies appear to be having trouble keeping up with the trend.

[ BYOD Creates Trust Gap Between Workers and Employers ]

[ What Can Employers Really See on a BYOD Smartphone or Tablet? ]

About 60 percent of organizations acknowledged they either don't have a policy that specifies how employees may use their own devices in the workplace (41 percent) or are just planning to write such a policy, a study released on Wednesday from Acronis and the Ponemon Institute has found.

"Even though we're still in the early stages of BYOD [Bring Your Own Device], companies are playing catch-up to where their users are," Anders Lofgren, director of Mobility Solutions for Acronis, told CSOonline.

Even as recently as three years ago, IT departments had an iron grip on the endpoints to their networks. "They could secure and provision a fixed device that was procured by the enterprise," said Ben Gibson, chief marketing officer for Aruba Networks.

Now IT has to deal with many devices being brought to work by employees. "Enterprises and IT organizations are in the process of catching up with this trend," Gibson said.

Slow adoption of BYOD policies by companies could be a sign of denial, said Steve Martino, vice president of information security and acting CISO of Cisco. "If a company doesn't have a BYOD policy, it's because they're trying to pretend this isn't happening in their organization," he saidA'A in an interview. "They think that if they don't have a policy, BYOD isn't happening in their organization."

Of the companies with BYOD policies, almost three quarters of them imposed highly restrictive policies on their workers by either requiring personal devices to be approved by the company before being allowed to access the firm's networks (43 percent) or banning personal devices from company nets (31 percent).

Those numbers could be misleading because there are industries where launching BYOD programs is severely limited, such as banking, pharmaceuticals, health care and defense. "But those barriers are breaking down," Acronis'sA'A Lofgren said.

[Joan Goodchild in Leading Edge: Should security be responsible for BYOD policy?]

While it may be necessary to restrict BYOD in some industries dealing with highly sensitive data, it isn't necessary for most rank-and-file office workers, said Cisco's Martino.

"For the basic white collar productivity worker, companies can see real benefits from a BYOD program," Martino said. "By forbidding BYOD, you encourage people to work around the policy."

Continue Reading

Originally published on www.csoonline.com. Click here to read the original story.
Our Commenting Policies