As BYOD culture heightens, can enterprise security keep up?

Today, more enterprises have implemented a bring-your-own-device (BYOD) policy than ever before. However, a Bitglass survey of 400 IT experts illustrates that BYOD is proving particularly challenging for enterprise security.

The rise of BYOD

Overall, 85% of the survey's respondents said that their company enabled BYOD. In fact, those that deny access to personal devices are now in the minority - with just 15% doing so.

Among those that adopted BYOD, 74% said that it had improved employee mobility. 54% stated that it had also improved employee satisfaction, while 49% cited reduced costs as the policy's main benefit.

As the report illustrates, BYOD increases employee mobility, organisational flexibility, efficiency, and collaboration. However, just 19% of the respondents said that BYOD had reduced security risks in their organisation.

Jurijs Rapoports, Senior Security Engineer at X Infotech and Chapter Leader at the OWASP Foundation spoke to us about how BYOD and cybersecurity is affecting the enterprise. "While investment in cybersecurity is reaching an all-time high, other measures such as bring your own device or BYOD are being implemented to cover up any vulnerabilities," he commented.

Implementation concerns

Above all, 30% of respondents declared that the leading inhibitor to BYOD adoption was company security concerns. A further 22% said that employee concerns regarding privacy and cost was also major implementation barrier.

Data leakage was the most popular security concern, with 61% stating so. 53% also indicated that unauthorised data access was a barrier, while the same number of people said that their inability to control uploads and downloads was concerning.

For 52% of the respondents, the prospect of lost or stolen devices was a major concern. Meanwhile, 51% said that malware on BYOD devices posed the greatest risk to their company's security.

Lack of visibility

Overall, 13% of the respondents said that mobile threats had increased significantly this year. However, 38% stated that these threats had moderately increased due to BYOD and 36% said that they had not noticed any change.

43% of the respondents did not know whether any BYO devices or managed devices in their organisation had malware. As the survey states, this "lack of visibility is highly concerning."

In fact, one in five organisations lacked visibility into basic, native mobile apps (like email) on BYO devices. Moreover, just 55% of the organisations had the ability to monitor file sharing apps that store highly sensitive information.

Check out our latest Ask the Expert in which Dr. Andrew Aken, a leading voice in cybersecurity, discusses security, cyber crime and mentoring others