BYOD security: Not my job, say many employees


If 2013 was filled with headlines about BYOD adoption, 2014 is rapidly becoming a year of BYOD risk headlines.

The latest warning comes from Centrify, an identity management software provider, which surveyed 500 employees at mid-to-large size companies about their BYOD practices and views of IT security matters.

"Despite industry-side threats such as Heartbleed and recent high-profile data breaches, a majority of enterprise employees are still not vigilant with their mobile security," Centrify said in an email to FierceCIO.

Perhaps the most disturbing findings of the Centrify survey: 15 percent of employees surveyed said they feel "none to minimal" responsibility to protect corporate data stored on their personal devices.

"The study also reported that 10 percent of respondents still do not have a password, PIN or other security measure enabled on the mobile device they use for work purposes, potentially exposing organizations to great risk," Centrify said.

To be fair, there are a large number of employees who do think about security and personal responsibility. The Centrify survey put that number at approximately 45 percent. Another 10 percent think about their responsibility only a few times a year, the survey showed.

"The results show that even employees of large multinational corporations, who are consistently warned of the dangers to their data directly from their IT department, are not keeping security top of mind," said Michael Osterman, principal of Osterman Research, was quoted in the Centrify report as saying. "It is clear that organizations need to continue to educate employees on the dangers and risks of mobile security but also look to solutions that safeguard the devices and applications which these employees have access to."

Among other survey findings:

  • On average, 45 percent of employees surveyed have more than six third-party applications installed on their personal device
  • 43 percent have accessed sensitive corporate data on their personal device while on an unsecured public network, such as the airport or coffee shop
  • More than 15 percent of employees surveyed have had their personal account or password compromised

Related Articles:
Lessons learned from AT&Ts BYOD program [FierceMobileIT]
Mobile device security market forecast to triple by 2018 [FierceMobileIT]
BYOD poses hurdle for backup administrators [FierceMobileIT]

Filed Under