Employers are failing to face up to the threats posed by employees who use their own mobile devices at work – 40% of companies do not consider the ‘bring your own device’ (BYOD) trend even to be on their agenda, according to a survey of IT and communication industry workers.
Just one quarter of those surveyed said that their employer had embraced the idea – but IT experts have warned that employees will bring in devices “under the radar” unless employers make policy clear.
Managing Director of Qubic, cloud communication specialist, which conducted the survey via ChannelWeb.co.uk, Chris Papa says: “This is coming whether they like it or not and sooner or later they are going to have to deal with it. Employees are using their own devices and bringing them into work regardless of their employers’ views.”
“Undecided employers will have to climb down off the fence and either prohibit BYOD for work completely, blocking access to their systems and their clients’ data, or apply sufficient controls to protect their own and their clients’ data.”
Earlier this year, Rolf von Roessing, head of security trade body ISACA said that in many workplaces, security teams were facing a “tidal wave” of challenges caused by mobile devices.
“For effective protection, security professionals need access to mobile operating systems, but this is not always possible and consequently 30% to 40% of devices are under the radar,” said von Roessing.
Over the past year, ESET’s detections of Android malware have risen 60%, as revealed in the annual Threat Trends Prediction report. ESET labs have also noted an increase in Android malware built using PC-like techniques.
“Next year will also see an escalating increase in serious threats targeting Android phones and tablets – ESET detections of such malware increased more than 60% between 2012 and 2013. This trend is predicted to continue in 2014,” the report warns.
Chris Papa says: “The employer and employee must have a clear understanding of what is expected of them. Of paramount importance is ensuring that the benefits BYOD has to offer, do not compromise the security of the workplace.”
ESET Senior Security Researcher Stephen Cobb said, in a detailed blog post cataloguing some of the risks of BYOD,“The phenomenon of organizations allowing or encouraging their employees to use their own computing devices for work–known as Bring Your Own Device, or BYOD–is now widespread in many countries, bringing with it some serious risks to company networks and data.”
A We Live Security guide to the risks of BYOD – and how to avoid being the guy who, as the old IT joke has it “brings his own disaster,” can be found here.
Author Rob Waugh, We Live Security