BYOD governance, security and privacy issues
Even IT professionals tasked with securing corporate data would be concerned about the privacy of their personal information if mobile device management (MDM) software were installed on smartphones or tablets they brought from home to use at work, according to MokaFive.
The study explored concerns around Bring-Your-Own-Device (BYOD) programs. Key findings included:
BYOD is here to stay, like it or not: Eighty-eight percent of respondents said their companies had some form of BYOD, whether sanctioned or not.
Current BYOD approaches provide security at the expense of privacy: Survey participants found current security approaches, such as MDM too intrusive. When specifically speaking to MDM, 77 percent of respondents had strong negative words to describe their feelings about the use of the software, including “I don’t care for it,” “Violated!” and “Not acceptable.”
BYOD brings rampant use of insecure cloud services like Dropbox: Sixty-six percent of respondents said that they or their companies used some service like Dropbox to store their data. These commercial cloud storage and backup providers can present security risks to corporate data, since data is in the hands of a third party. Even when cloud repositories are encrypted, it’s often that third party—not their customers—who hold the encryption keys.
“BYOD is one of the most important directions in enterprise IT, with enormous potential benefits in productivity and cost savings,” said Craig Mathias, a principal with the wireless and mobile advisory firm Farpoint Group. “But, as this survey reveals, BYOD isn’t just about securing or even managing mobile devices. There are major requirements in consciousness-raising, policy definition and enforcement, and end-to-end solutions that include not just devices, but the enterprise data they increasingly contain.”
Despite the fact that most survey respondents were IT personnel, about one-third reported having no BYOD policies in place. Ten percent admitted to not knowing whether their companies even had BYOD policies.