Employees Clueless About BYOD Security, but It's Companies' Fault
CREDIT: Password Image via Shutterstock
The "bring your own device" to work (BYOD) movement may be bringing headaches to some companies.
New research has found that 84 percent of employees use the same smartphone for work and pleasure, but just 53 percent said they had a passcode protecting that phone.
Clueless employees, however, may not be solely to blame for the potential security risks associated with BYOD. The research also found that 49 percent of respondents said their companies' information-technology departments had not discussed mobile or cybersecurity with them.
Additionally, 37 percent of respondents said their companies did not have security policies in place — an identical percentage as those who said their companies did. More than one-quarter of workers said they weren't sure whether their companies had policies at all.
Without proper education on the dangers of BYOD, workers will be prone to make mistakes that can potentially lead to cyberattacks and security vulnerabilities.
As examples, six in 10 workers said they still wrote down passwords on pieces of paper, while 36 percent said they reused passwords for multiple accounts.
Companies are not taking the necessary protection measures, despite the potential for security flaws to be exposed.
More than half of the respondents said their companies did not have the ability to wipe data from a phone if it were to be lost, and 28 percent said they were unsure if their companies could.
Even more disturbing was the finding that workers are often unsure of what to do if a device is lost.
A majority of workers said they were not sure whom to contact if they lost their phones, while 15 percent said they would call their service providers. Twenty-nine percent of workers said they would call their companies in the event of losing their device.
"The BYOD trend is not slowing down, and while it has many benefits, it's also introducing a number of new security risks that may be foreign to many companies," said Rick Dakin, CEO and chief security strategist with Coalfire, which conducted the research.
"The results of this survey demonstrate that companies must do much more to protect their critical infrastructure as employees work from their own mobile devices, such as tablets and smartphones, in the workplace," Dakin said. "Companies need to have security and education policies in place that protect company data on personal devices."
The information in this research was based on the responses of 400 individuals not working in information technology. The research was conducted by Coalfire, a New York-based IT governance and risk and compliance services company.