Story image

Businesses failing to secure BYOD - Bitglass

03 May 2019

Organisations are enabling bring your own device (BYOD) without putting proper security tools, training, and best practices in place, research has found.

According to Bitglass’ survey, most businesses are embracing BYOD in the workplace – 74% of respondents said that employees at their companies are allowed to use personal devices to perform their work.

However, nearly half of respondents (47%) either said that their employer did not have a clear BYOD security policy, or that they did not know if such a policy was in place at all.

Respondents considered unmanaged devices (31%) to be the top blind spot for data leakage; additionally, mobile devices (which are typically unmanaged) were the third largest blind spot at 18%.

Despite this, less than a fifth of respondents (16%) cited unmanaged devices as a top security priority for their organisations this year.

“Embracing BYOD can yield benefits like increased productivity, cost savings, and talent retention,” says Bitglass Regional Director Steve Armstrong.

“However, allowing employees to perform their work from personal devices can lead to data leakage if proper BYOD policies and security solutions are not put in place.”

“In order to securely reap the benefits of BYOD, organisations need advanced tools such as user and entity behaviour analytics (UEBA) and data loss prevention (DLP).

“Additionally, they must be able to selectively wipe corporate data from personal devices without affecting the personal data therein,” he adds.

“However, for deployments to be successful, these capabilities need to be implemented through an agentless solution that won’t hinder user privacy or device functionality.”  

Key Findings:

  • Respondents stated that their organisations’ top overall security priorities for the year were malware protection (26%), unmanaged device access (16%), consolidating security solutions (16%), controlling external sharing (14%), improved analytics (11%), and unmanaged applications (9%).
     
  • When asked for the tools that they saw as the least effective for securing personal devices, respondents identified password-protected documents as the frontrunner (36%), and face recognition (20%) as the second least effective.
     
  • For multifactor authentication on BYO devices, 37% of organisations use third-party applications, 13% use SMS tokens, 11% use hardware tokens, and 11% use Google Authenticator; 28% of respondents stated that their organisations do not use MFA on personal endpoints.
Forescout strengthens investment in OT security
Forescout’s latest features will provide enterprises with improved productivity, lower risk profiles and faster mitigation of threats.
Hybrid cloud security big concern for business leaders
A new study highlights that IT and security professionals have significant concerns around security for hybrid cloud and multi-cloud environments.
GitHub launches fund to sponsor open source developers
In addition to GitHub Sponsors, GitHub is launching the GitHub Sponsors, GitHub will match all contributions up to $5,000 during a developer’s first year in GitHub Sponsors.
Check Point announces integration with Microsoft Azure
The integration of Check Point’s advanced policy enforcement capabilities with Microsoft AIP’s file classification and protection features enables enterprises to keep their business data and IP secure, irrespective of how it is shared. 
ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.