Study explores security gaps linked to BYOD initiatives

Published: Tuesday, 22 June 2021 07:49

Bitglass has released findings from its 2021 BYOD Security Report that show the risks associated with the rapid adoption of unmanaged personal devices connecting to work-related resources (BYOD).

The study, a joint venture with Cybersecurity Insiders, surveyed hundreds of cyber security professionals across industries to better understand how COVID-19’s resulting surge of remote work has affected security and privacy risks introduced by the use of personal mobile devices. The insights in this report are especially relevant as more enterprises are shifting to permanent remote work or hybrid work models, connecting more devices to corporate networks and, as a result, expanding the attack surface.

Key findings include:

BYOD is here to stay

The shift to remote work amid the pandemic resulted in 47 percent of organizations reporting an increase of personal devices being used for work. As a result, a total of 82 percent of organizations said they now actively enable BYOD to some extent. While the use of personal devices has helped businesses improve employee productivity and satisfaction, while also reducing costs, challenges associated with managing device access and mobile security remain.

Securing BYOD to prevent data loss/theft is a top concern

The most critical concern respondents expressed was data leakage or loss (62 percent). Other apprehensions included users downloading unsafe apps or content (54 percent), lost or stolen devices (53 percent), and unauthorized access to company data and systems (51 percent).

Enterprises are running blind when it comes to securing BYOD devices against modern security threats

Only 22 percent of organizations indicated they can confirm that unmanaged devices have downloaded malware in the past 12 months. However, nearly half (49 percent) indicated they are not sure or could not disclose whether the same could be said for them. This lack of visibility can be detrimental to the overall business.

Many organizations are securing BYOD with old tools vs modern threats
A total of 41 percent of organizations reported relying on endpoint malware protection for BYOD, an approach that is not ideal for personal devices which are hard to control and manage. Over a quarter (30 percent) of firms said they don’t protect against malware for BYOD at all. While cloud-based malware protection tools are often a far better fit, only 11 percent of organizations surveyed are currently using these measures.

Methodology

Cybersecurity Insiders surveyed 271 cyber security professionals, conducted in April 2021, to gain deep insight into mobile BYOD security threats faced by organizations and the solutions to prevent and remediate them. The respondents range from technical executives to IT security practitioners, representing a balanced cross-section of organizations of varying sizes across multiple industries.

More details.