How CSOs are enabling secure BYOD
Wisegate released a new report that answers the industry’s most complex “Bring Your Own Device” (BYOD) questions while providing expert insight to help CSOs successfully build policies and effectively manage employee owned devices in the enterprise.
The report shares the latest perspectives of CSO members from across industries who agree that while allowing employees to use their own mobile devices improves job satisfaction and can increase productivity, it also raises serious questions about how to secure these devices when they are no longer completely under IT’s control.
“The explosion of employee owned devices being used in the enterprise has quickly become a main focus for CSOs,” said Bill Burns, Director of IT Security & Networking and Wisegate Member. “There is a confluence of events taking place: it’s quickly becoming more efficient for companies to use third-party cloud applications. And employees demand to be more mobile, bringing their own high-performance devices. The bottom line is there is no single best practice to securing corporate data on these devices — it requires a layered approach, balancing among cost, security, compliance, productivity and corporate culture.”
The report covers the most prevalent concerns of leading CSOs:
- The theft, loss or leakage of company data
- Proper storage and transmittal of company data
- The limitations of managing devices, and how far the organization can or should go toward locking-down devices
- Malware and spyware aimed at mobile devices
- How (or even whether) to support a growing number of devices that use a variety of operating systems, applications, firmware and mobile carriers.
To understand the evolution of opinions on BYOD issues that CSOs faced in 2012, Wisegate again posed the following question which was previously asked in 2011: “What is your position on securing mobile/handheld/tablet devices which your workforce uses (especially ‘bring your own device’)?” In comparison between 2011 and 2012, the percentage of members reporting an “only fully managed” approach to securing devices declined by 10%, while 15% more are using a hybrid approach.
- We will only allow fully managed and secured devices to utilize corporate services: 2011: 27% 2012: 17%
- We want to enable our workforce to work in whatever way is effective to them: 2011: 24% 2012: 22%
- We are moving from a ‘device centric’ strategy to a ‘user centric’ strategy and don’t think that devices can be fully secured. We focus on securing the sensitive transactions: 2011: 24% 2012: 22%
- We utilize a hybrid approach with more secured devices getting more access and less secured/managed getting less access: 2011: 20% 2012: 35%