In the new BYOD Security Report conducted by Webroot through first-of-its-kind research, Webroot examined the use and security of personal mobile devices in the work environment, looking at the prevalence of employee-owned devices. The initial survey, conducted in late 2013, explored the prevalence of employee-owned devices, how they are being secured, and employee concerns regarding company-mandated security programs. The second survey, conducted in March 2014, looked at how IT managers view the risk of employee-owned devices, the prevalence of formal mobile security policies, and the extent to which employee input is included in developing BYOD policies.
Pulling from that report are some interesting key facts and findings, including:
- Although 98% of employers have a security policy in place for mobile access to corporate data, 21% allow employee access with no security at all.
- Over 60% of IT managers surveyed reported the use of personal devices by their employees and 58% indicated they were ‘very’ or ‘extremely’ concerned about the security risk from this practice.
- Most employee devices are lacking real security with only 19% installing a full security app and 64% of employees limited to using only the security features that came with their devices.
- Over 60% of employers indicated they seek employee input on mobile device security policies, but over 60% also said employee preference has little or no influence on mobile security decisions.
- Top concerns from employees regarding a company-mandated security app include employer access to personal data, personal data being wiped by an employer, and employers tracking the location of the device. Other concerns included impact on device performance and battery consumption.
- 46% of employees using personal devices said they would stop using their devices for business purposes if their employer mandated installation of a specific security app.
All in all, the report shows that there are striking signs that many employers and employees do not take necessary steps to ensure the protection of the corporate data on their personal devices. While this is a weakness in the systems now, tools such as Webroot Web Security Services and SecureAnywhere Business Mobile Protection do exist to help implement security policies, and when paired with new, forward-thinking BYOD policies, can prove to be effective in keeping the corporate data secure.
To read the full press release on the report, please click here: Press Release
For the full report, download here (PDF): Fixing the Disconnect between Employer and Employee for BYOD