Credit: Security breach image via Shutterstock
Bring your own device to work (BYOD) shows no signs of going away in the corporate world, despite security concerns, a new survey shows. But heavy-handed efforts by corporations to shore up security by using mobile device management software are encountering pushback from IT professionals — the very ones tasked with securing corporate data.
Like it or not, BYOD is here to stay, according to a survey of more than 300 IT professionals sponsored by MokaFive, a security software company. Eighty-eight percent of respondents said their companies had some form of BYOD, whether sanctioned or not. But about one-third said their companies had no BYOD policy in place.
The downside of BYOD is that it brings the rampant use of insecure cloud services such as Dropbox, the survey found. Sixty-six percent of respondents said they or their companies used some service like Dropbox to store their data. These commercial cloud storage and backup providers can present security risks to corporate data, since data is in the hands of a third party.
But current BYOD security initiatives provide security at the expense of privacy, the survey found. Current security approaches such as mobile dev ice management (MDM) software are too intrusive, the respondents said. These IT professionals faulted MDM because of its exclusive focus on devices rather than the data at risk. More than three-quarters (77 percent) of professionals used strong negative words to describe their feelings about the use of the software, including "I don’t care for it," "Violated!" and "Not acceptable."
"BYOD is one of the most important directions in enterprise IT, with enormous potential benefits in productivity and cost savings," said Craig Mathias, a principal with the wireless and mobile advisory firm Farpoint Group. "But, as this survey reveals, BYOD isn’t just about securing or even managing mobile devices. There are major requirements in consciousness-raising, policy definition and enforcement, and end-to-end solutions that include not just devices, but the enterprise data they increasingly contain."