14 DAY TRIAL // The security implications of policies regulating the use of personal devices to access company data are acknowledged in many firms, although the measures are often disregarded, a study reveals.
Published by Bluebox Security, the report shows that because of the increased technological capabilities of mobile devices, their number has increased exponentially, reaching a world total of 7.1 billion subscriptions.
Users tend to use their phones at work more often than it is believed, and in plenty of cases they’re used for accessing company information.
According to the study, 40% of the participants would use two or more personal devices at work. However, most of them (90%) rely on smartphones to check their email, SMS activity, access social networks or use work-related apps.
Although most users believe that iOS offers better security than an Android device, both of them are vulnerable to a large number of attack vectors when used behind the company network.
Phishing, address book mining or backup hijacking are just a few of the types of attacks both platforms are exposed to, all the more when used in a corporate environment.
The number of apps accessed from mobile devices has increased and, as such, smartphones and tablets have become the new enterprise desktop.
With employers trusting the employees that they’re not using unapproved apps and with employees actually deploying about 21 apps, the security risks become evident in lack of proper BYOD (bring your own device) policies in place.
Only 40% of the companies involved in the study reported having BYOD policies in place, but some employees have absolutely no clue about the restrictions imposed.
Based on a survey from December 2013, a large number of companies have suffered mobile data loss and some of them were required to make a public disclosure of the incident. The damage could be pretty big if you think only of the reputation of the affected companies.
Paradoxically, 76% of the employees included in the report expressed concerns about privacy when using personal devices at work, and 64% of the IT staff places such concerns well below security considerations.
Stressing the importance of BYOD policies, Adam Ely, the COO and co-founder of Bluebox Security, told us that “we as an industry spent time trying to protect everything when we should have been focused on what was most important. Instead of mitigating every risk, increasing the number of rings of security, we need to make sure that the ring is where we need it most - next to the thing that really matters to the business.”