Like It or Not, BYOD Is Here to Stay
CREDIT: Security breach image via Shutterstock
The practice of bringing your own device to work (BYOD) shows no signs of going away in the corporate world despite security concerns, a new survey shows.
But heavy-handed efforts by corporations to shore up security by using mobile-device-management software are encountering pushback from IT professionals — the very people tasked with securing corporate data.
Like it or not, BYOD is here to stay, according to a survey of more than 300 IT professionals sponsored by MokaFive, a security software company. Eighty-eight percent of respondents said their companies had some form of BYOD in practice, whether sanctioned or not. But about one-third said their companies had no BYOD policy in place.
The survey found that the downside of BYOD is that it brings the rampant use of insecure cloud-storage services, such as Dropbox, into the corporate network. Sixty-six percent of respondents said they or their companies used a service like Dropbox to store their data.
These commercial cloud storage and backup providers can present security risks to corporate data, since data is in the hands of a third party.
But current BYOD security initiatives provide security at the expense of privacy, the survey found.
Current security approaches such as mobile-device-management (MDM) software are too intrusive, the respondents said. These IT professionals faulted MDM because of its exclusive focus on devices rather than the data at risk.
More than three-quarters (77 percent) of professionals used strong negative words to describe their feelings about the use of the software, including "I don’t care for it," "Violated!" and "Not acceptable."
"BYOD is one of the most important directions in enterprise IT, with enormous potential benefits in productivity and cost savings," said Craig Mathias, a principal with the wireless and mobile advisory firm Farpoint Group. "But, as this survey reveals, BYOD isn’t just about securing or even managing mobile devices.
"There are major requirements in consciousness-raising, policy definition and enforcement, and end-to-end solutions that include not just devices, but the enterprise data they increasingly contain."
This story was provided by BusinessNewsDaily, a sister site to SecurityNewsDaily. Reach BusinessNewsDaily senior writer Ned Smith at email@example.com. Follow him on Twitter @nedbsmith.We're also on Facebook & Google+.