News By Tag
* More Industries...
News By Location
ITIC, KnowBe4 Study Shows Companies Lack BYOD Security
BYOD (bring your own devices) and mobility deployments are among the biggest trends in corporate computing usage but a new survey shows that 71% of businesses that allow BYOD, have no specific policies in place to support BYOD security.
By: ITIC Corp.
New ITIC/KnowBe4 Independent Survey Reveals 71% of organizations have no security policies and procedures in place for “bring your own devices” programs
(Boston, MA) September 4, 2012 – While BYOD (bring your own devices) deployments have been among the biggest trends in corporate computing usage in the last 12 to 18 months, a recent study found that 71% of businesses that allow BYOD, have no specific policies and procedures in place to support BYOD deployment and ensure security. The study was conducted jointly by ITIC, a research and consulting firm based in the Boston area specializing in conducting independent surveys tracking crucial trends and KnowBe4, a security awareness training firm.
The survey results indicate that nearly two-thirds of businesses now allow end users to BYOD and use them as corporate desktop or mobile devices to access organizational data including email, applications and sensitive data. BYOD usage does help businesses contain costs and lower the administrative burdens of IT departments as end users manage, maintain and in many cases pay for their own devices. However, there is a huge downside to this trend: security.
Kevin Mitnick (former ‘most-wanted’
The ITIC/KnowBe4.com survey, polled 550 companies worldwide in July and August. The survey found that only 13% of respondents said their firms have specific policies in place to deal with BYOD deployments, while another nine percent indicated they were in the process of developing BYOD procedures.
More firms are changing to the BYOD model. Legal services leader Foley & Lardner deployed BYOD in October of 2009. According to a recent article, the firm implemented this program to cut costs and enable their employees to work anywhere, anytime. The security issue on personal devices is said to be protected from “within the secure confines of our data center” (1).
BYOD can render corporations extremely vulnerable to security breaches. Unless the corporation has strong, effective policy, procedure and security awareness training in place to govern BYOD usage, the company and its sensitive corporate data could be put in a precarious position in the event that a mobile device is lost, stolen or more likely, hacked, a real possibility in recent times. (2)
Among the other ITIC/KnowBe4.com survey highlights:
• Organizations are split on who takes responsibility for the security of BYOD devices. Some 37% of respondents indicated the corporation was responsible;
• Presently, 51% of workers utilize smart phones as their BYOD devices; another 44% use notebooks and ultra books, while 31% of respondents indicated they use tablets (most notably the Apple iPad) and 23% use home-based desktop PCs or Macs.
• A 57% majority of respondents said the end users purchased/owned their BYOD devices; compared with only 19% that indicated the corporation buys and owns them.
• The top three challenges with respect to BYOD deployment were: difficulty of management and support (63%); provisioning new applications (59%) and security (48%).
ITIC principal analyst Laura DiDio added, “These survey findings should galvanize corporations to safeguard their data in advance of an expensive and potentially crippling loss or hack,” she said.
For necessary and vital security measures, every firm regardless of size should conduct a risk assessment review, adopt the ‘defense-in-
About Laura DiDio and ITIC
Laura DiDio is the founder and principal analyst of ITIC, which conducts primary research and surveys and tracks crucial high technology products and business trends. DiDio has over 20 years experience covering the high technology industry as both an analyst and a reporter.
About Stu Sjouwerman and KnowBe4
Stu Sjouwerman is the founder and CEO of KnowBe4, LLC, which provides web-based Security Awareness Training to small and medium-sized enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc. 500 company Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced Security Awareness Training. He and his colleagues work with companies in many different industries, including highly regulated fields such as healthcare, finance and insurance. Sjouwerman is the author of four books; his latest is Cyberheist: The Biggest Financial Threat Facing American Businesses Since the Meltdown of 2008.
(1) ZDnet.com , August 23, 2012. “Legal services leader and SMB Foley & Lardner makes strong case for BYOD” www.zdnet.com/
(2) “HP Research Reveals 56 Percent Rise in Cost of Cybercrime”; published on HP.com, August 2, 2011. www.hp.com/hpinfo/
Phone: (508) 887-9814
Karla Jo Helms