A study commissioned by RSA, the security unit of EMC, found that users are increasingly influencing IT and security decisions, and yet IT is not entirely prepared to handle the consumer devices that employees like to use.

A majority of companies that have policies on connecting personal devices to the corporate network still experience unauthorized connections. Serious security breaches stemming from the use of personal devices on the company network occurred at 23 percent of the larger companies in the study.

The report (.pdf) notes many of the risks inherent in allowing employees to use their personal gadgets for work, but it emphasizes the apparent pressure users are able to exert today. "To deprive them of [using their favorite forms of technology] in their work lives could be considered cruel and unusual," said Sam Curry, chief technologist for RSA.

The study, released July 22, was conducted by IDG. Four hundred IT and security professionals were asked about employees' use of personal devices and their use of social networking sites--and to what extent users are involved in company decisions regarding these tools. When it comes to decisions about smartphones, 66 percent of the respondents said that users are involved. When it comes to decisions about netbook or tablet computers, just over half said users are involved.

While the study found that 28 percent of the respondents said their companies allow employees to use personal devices for work, 40 percent do not allow users to link personal devices to the company network.

At the same time, enterprises increasingly are putting social networking sites to use for communications and marketing. More than a third of the respondents said their companies give all users access to social networking sites. At the other extreme, 19 percent said all users are blocked from using any social networking sites

Along with the IDG-conducted study, RSA issued a new report: "The Rise of User-driven IT: Re-calibrating Information Security for Choice Computing."

For more:
- see the RSA study on user-driven IT

Related Articles:
Apple, Google take detour into the enterprise
Study says teens take big risks online
ISACA: The five greatest risks of social networking
Survey: Many CIOs getting stricter about social networking