BYOD And Security: The Biggest Threat Of All


IT professionals are concerned about the use of smartphones and tablets in the workplace, but few restrictions are being put in place to protect sensitive corporate data, according to a new survey.

The survey found a rising interest in mobile device management to manage security policies and place controls on device activity but noted few real deployments of the technology. The survey of 3,300 IT professionals was conducted by B2B International and Kaspersky Lab in 2012. Survey respondents were from 22 countries and all indicated they influenced IT security policy, Kaspersky said.

"The deployment level of dedicated tools to ensure the security of mobile devices [mobile device management] is still extremely low both in small and large companies," the company noted in the report, which was issued Thursday.

[Related: Gartner: 65 Percent Of Enterprises To Adopt Mobile Management Solutions By 2017
]

The survey found that 34 percent of respondents considered mobile devices a serious threat to business, and 55 percent said they were thinking more about the security of corporate smartphones and tablets than they did last year.

Despite the attention given to mobile malware and attacks targeting device owners, the biggest threat to enterprises are lost and stolen devices, according to most security experts. The survey found that 10 percent of respondents experienced data leaks following the loss or theft of mobile devices.

Mobile malware still represents a tiny percentage of overall malware, indicating that attackers are still having an easy time finding victims on the desktop. Nonetheless, Kaspersky and other security vendors warn that mobile malware is steadily increasing, especially on devices running Google Android firmware. The highest risk for mobile malware is in Asia, Africa, certain Eastern European countries and India, according to Kaspersky. Overreaching mobile applications that collect location data, contacts and other information for advertising purposes also pose a threat.

Mobile device management platforms provide remote wipe capabilities and enable corporate IT teams to account for the various mobile platforms and the myriad handsets attempting to connect to the network. Advanced capabilities also enable companies to set up corporate mobile application stores, whitelist certain apps and deploy custom apps for access to corporate resources, but recent surveys have indicated that few organizations have set up a corporate store.

Kaspersky indicated that the organizations surveyed appear to be embracing the BYOD trend. Personal smartphones are prohibited in just 19 percent of companies, while full access to corporate resources is provided by 33 percent of companies.

The survey also found that 36 percent of respondents said they were even going to encourage their employees to use personal devices for work. "This approach could benefit a company but only if common safety rules for personal devices are enforced and an effective solution is implemented to control and protect all devices, regardless of whether they belong to the employee or the company," Kaspersky noted in the report.

PUBLISHED JAN. 10, 2013