Case Studies

BYOD surveyed

by msecadm4921

Many have hailed Bring Your Own Device (BYOD) as the future, claiming that the practice brings only benefits to the business arena by enabling employees to be more productive. However, an international survey of end-users (graduate employees in their 20s) commissioned by an IT security product firm suggests that the opposite might be true.

 

 

Fortinet conducted a survey that suggests the extent of the challenge posed to corporate IT systems by first generation Bring Your Own Device (BYOD) users; people entering the workplace with an expectation to use their own devices. The survey describes the degree to which security is widely given low consideration by Gen-Y employees using their own devices, including the disturbing fact that more than one in three employees would contravene a company’s security policy that forbids them to use their personal devices at work or for work purposes. Overall, the findings underscore the urgency with which enterprises should develop security strategies to successfully secure and manage BYOD activity.

 

The survey, conducted in 15 territories during May and June 2012, asked over 3,800 active employees in their twenties about their perspectives on BYOD, its impact on their work environment and their approach to personal and corporate IT security.

 

BYOD here to stay

 

Within the demographic of the survey, which represents tomorrow’s management and decision makers, BYOD is confirmed as a mainstream activity. Nearly three quarters (74 per cent) of respondents across all territories already regularly engage in the practice. More importantly, 55pc of respondents view using their device at work as a ‘right’ rather than a ‘privilege.’

 

From a user perspective, the primary driver of the BYOD practice is that individuals can constantly access their preferred applications, especially social media and private communications. The dependence on personal communications is strong with 35pc of respondents admitting they could not go a day without accessing social networks, and 47pc unable to last a day without SMS.

 

Lax consideration  

 

The first generation of BYOD workers understand the risks posed by BYOD to their organisation. Forty-two percent of the survey sample actually believe potential data loss and exposure to malicious IT threats to be the dominant risk. Yet, worryingly for IT departments, this risk awareness does not prevent those workers from bypassing corporate policies. In fact, more than a third of respondents (36pc) admitted they have or would contravene a corporate policy banning the use of personally-owned devices for work purposes. Of the 15 countries surveyed, the figure is highest in India where 66pc admitted they have or would contravene policy.

 

When asked about policies banning the use of non-approved applications, the figure remains about the same, with 30pc of all respondents admitting they have or would contravene policy. The risk to organisations from non-approved applications looks set to grow. Indeed, 69pc of respondents confirmed they are interested in Bring Your Own Application (BYOA) – where users create and use their own custom applications at work.

 

The survey also hinted at the resistance organisations might face with regards to implementing security on an employee’s device. The majority (66pc) of respondents consider themselves – not the company – to be responsible for the security of the personal devices they use for work purposes. This is three times the number who believes responsibility ultimately rests with their employer (22pc).

 

“The survey clearly reveals the great challenge faced by organisations to reconcile security and BYOD,” said Patrice Perche, international vice president of International Sales and Support for Fortinet. “While users want and expect to use their own devices for work, mostly for personal convenience, they do not want to hand-over responsibility for security on their own devices to the organisation. Within such an environment, organisations must re-gain control of their IT infrastructure by strongly securing both inbound and outbound access to the corporate network and not just implement mobile device management or “MDM”. Organisations cannot rely on a single technology to address the security challenges of BYOD.The most effective network security strategy requires granular control over users and applications, not just devices.”

 

Note 

 

The research exercise between May 31 and June 12, 2012 was on behalf of Fortinet by market research company Vision Critical. The survey involved 3,872 university graduate level individuals aged 20 to 29 and in full time employment, who own their own smartphone, tablet or laptop. The15 territories in the survey: USA, UK, France, Germany, Italy, Spain, Poland, UAE, India, South Korea, China, Singapore, Taiwan, Japan and Hong Kong.

Related News

  • Case Studies

    BID manifesto

    by Mark Rowe

    Business Improvement Districts (BIDs) should include business crime in their work – and what they spend their millions on, says a manifesto…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing