BYOD Security Management Still an Issue for Businesses
The Bitglass survey found just 14 percent of organizations have successfully deployed mobile application management (MAM) solutions.
Nearly three-quarters (72 percent) of organizations, led by the financial services sector, support BYOD for all or some employees, according to a Bitglass survey of more than 800 cyber security professionals across five major industries.However, relatively few organizations are able to control access to corporate data, remotely wipe devices or enforce device encryption.The survey, which included respondents from financial services, technology, health care, government and education organizations, found just 14 percent have successfully deployed mobile application management (MAM) solutions.”The level of concern with respect to security in BYOD is really no different than with other types of IT systems,” Rich Campagna, vice president of products at Bitglass, told eWEEK. “Regulated industries such as healthcare and financial services require that large numbers of users handle personally identifiable information, and the success of their business depends on their ability to protect customer data. The fact that these users are often mobile and demand BYOD access makes security particularly challenging.”
He noted fewer than half of organizations are doing anything other than password protection on BYOD devices – even choosing to forego policy basics like remote wipe and encryption.
“It seems that in an effort to support the demands of mobile users, security has been thrown out the window,” Campagna said.The report found that 62 percent of healthcare organizations see compliance as a top security concern, due to HIPAA’s stringent requirements.Notably, organizations across all sectors were concerned with data leakage – including 81 percent of financial services organizations, 90 percent of health care organizations and 79 percent of education organizations.Higher education lagged behind other industries in enforcing essential risk-control measures–just 18 percent of those surveyed have access controls in place, and just 29 percent have the ability to remotely wipe devices.In addition, just 14 percent of organizations have adopted MAM tools since their introduction in 2010, with most respondents citing employee privacy concerns and usability issues as top challenges to adoption.”All too often, when we see employees pushback on MDM tools due to privacy, deployment challenges or user experience issues, a decision is made to allow that user to bypass those controls, prioritizing access over security,” Campagna said. “The root cause is the fact that the industry has tried to shoehorn a tool best suited for managed device security into BYOD.”The report also found that device encryption was supported in only 36 percent of educational institutions, 56 percent of financial services organizations and 57 percent of health care organizations.
Source: eWeek