Enterprises are being ignorant towards the issues BYOD is causing to their business says backup vendor Acronis. James Rawbone, Senior Partner Account Manager EMEA, Enterprise Mobility Solutions at Acronis, shared his opinions with Desire Athow at ITProPortal on why and how enterprises are being ignorant towards BYOD issues.
The Acronis 2013 Global Data Protection Trend Report developed by the Ponemon Institute identified five surprising BYOD trends:
1. There are big gaps in secure BYOD policies across organizations. The Acronis survey found that 60% of businesses have no personal device policy in place, and those with policies 24% make exceptions for executives, who are most likely handling the most sensitive corporate data. As a result, these organizations are increasingly vulnerable to data loss and serious compliance issues.
2.Simple security precautions are not being adopted. The survey found only 31% of companies mandate a device password or key lock on personal devices, and only 21% do remote device wipes when employees leave the company, drastically increasing the risk for data leakage.
3.Businesses underestimate the dangers of public clouds. The researchers report that corporate files are commonly shared through third-party cloud storage solutions such as DropBox, but 67% of organizations don’t have a policy in place around public clouds and 80% haven’t trained employees in the correct use of these platforms.
4.The growth of Apple (AAPL) devices is complicating BYOD security for administrators. 65% of organizations will support Macs in the next year, and 57% feel compatibility and interoperability are still big obstacles to getting Macs compliant with their IT infrastructure. This puts data stored and shared across the corporate network and on Apple devices at risk.
5.Some organizations are ignoring the benefits of mobile collaboration altogether. More than 30% surveyed actually forbid personal devices from accessing the network.
Mr. Rawbone sees two reasons organizations are not educating or training their employees on the risks of BYOD. First is time and money. Most companies have tight budgets across the board and in particular within their IT department, as well as their overall staffing. The second excuse for not training their staff is that they are unaware that their staff is using these solutions, or they are turning a blind eye to the issues effect their corporate data and overall IT infrastructure.
The Acronis Senior Partner told ITProPortal there are legal and compliance issues associated with BYOD; but generally BYOD can be adapted to each compliance regulation and rule. The main concern of BYOD is data protection and ensuring that as employees bring devices to-and-from the workplace, confidential corporate data is adequately protected while remaining easily accessible. An important part of data protection, often not addressed by BYOD strategies, includes ensuring that information and records comply with privacy laws like the Health Insurance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley (SOX), as well as specific industry and regional privacy regulations.
Mr. Rawbone concludes by reminding the author that the important thing every business needs to remember is that mobile devices can be replaced for a small cost in comparison to having your confidential data stolen and used incorrectly.
Companies need to embrace technological evolution and look at the business benefits of BYOD. Otherwise, he claims they will be facing some serious network and data issues and worst of all potentially facing some legal problems in the coming future.
Creating a mobile device security policy doesn’t have to be complicated, but it needs to encompass devices, data, and files. The article lists a number of simple things organizations should do, like require users to key-lock their devices with password protection. 68% of those surveyed use VPN or secure gateway connections across networks and systems, and 52% use Microsoft (MSFT) Active Directory and/or LDAP. The simplest place to start is to use device key-lock and password protection.
Related articles
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.