Information technology departments may have a new acronym to contend with: BYOD. Standing for "Bring Your Own Device," BYOD can pose real security and technology risks for your business's IT department, but many IT folks say the risks are worth it.
That's the finding of the 2011 Information Systems Audit and Control Association (ISACA) IT Risk/Reward Barometer, which found that 58 percent of U.S. information security and IT audit professionals view mobile devices owned by employees as posing the greatest risk, compared to 33 percent who said work-supplied smart phones, laptops/netbooks, tablet computers, broadband cards or flash drives posed a greater risk.
However, 27 percent of those surveyed said the benefits of BYOD outweigh the risks.
[Best Mobile Security Software Reviewed]
“BYOD presents both opportunities and threats. It lets employees and organizations take advantage of technology innovations at limited cost to the organization," said John Pironti, adviser with ISACA and president of IP Architects, LLC. "Unfortunately, it also introduces new vulnerabilities, due to the limited ability of most organizations to effectively manage and secure employee-owned devices accessing their information infrastructure. Organizations should educate employees on their security requirements and implement a comprehensive mobile device policy aligned with their risk profile.”
Perhaps as a result of the security risks, 40 percent of respondents expect information security staffing requirements to increase over the next year. Thirty-four percent expect their risk management staffing requirements to rise.
- 10 Ways to Cut Your IT Budget Today
- Playing Catch-up: IT Departments Face Security Dilemma
- 5 Technologies That Might Be Extinct by 2012