Employee Carelessness Still Poses Greatest BYOD Security Threat

by Matt Klassen on December 9, 2014

In developed nations a staggering 95 percent of IT professionals face ongoing challenges in supporting and securing the corporate Bring Your Own Device (BYOD) trend because of employee carelessness. While truly this is nothing new, recent studies show that the threat of employee carelessness to BYOD security is getting worse, not better, as more and more personal devices connect to corporate networks without any thought to data security or IT protocols.

According to a study by Check Point Software Technologies, of 800 respondents across the U.S., Canada, Australia, Germany, and the U.K., nearly two-thirds blamed recent high-profile corporate data breaches on employee carelessness and inattention. Again the problem is only getting worse, for while employees are clearly the weakest link in the corporate security chain, most IT networks reported a sharp increase in personal mobile devices connecting to their networks over the past two years.

But not only are incidents of employee carelessness resulting in network breaches on the rise, but corporate remuneration for such incidents has markedly increased as well, with almost half the respondents surveyed noting that mobile security incidents has cost their respective organizations $250,000 or more… certainly a lot to pay for the convenience of using our favourite gadgets at work.

According to the study, this year alone 56 percent of those surveyed managed networks that were access by employee-owned devices, up from 37 percent in 2013. While this is clear evidence that the BYOD movement is here to stay, that’s not good news for IT professionals, as nearly all respondents (98%) indicated they were concerned about the ramifications a damaging mobile security incident would have on their respective organizations, with the greatest threat being the “potential for lost and stolen information.”

The problem, as I’ve said before, is not that companies are now brimming with employees keen on industrial espionage, but that companies are now brimming with employees who are almost completely ignorant of mobile security and the ramifications of a data breach. In fact, I wouldn’t be surprised if employees would generally consider their mobile device to be naturally more secure than other platforms such as a PC.

As an unrelated study regarding parents controls over their children’s’ Internet use found, parents assumed the mobile Internet was somehow different (and safer) than the one accessed from more traditional platforms, leading parents to be more lax in their supervision of their children’s’ online habits while using a mobile device. Is something like this at play in the business world, with employees simply assuming that the mobile world is somehow different, and safer, from the digital world accessed on their computer?

With the frequency of security breaches and their cost to companies both skyrocketed, it’s high time the business world found a way to effectively address the inherent security risks of the BYOD movement, either by reverting back to a time when companies supplied the technology, or simply educating employees (and keeping them accountable) regarding the security risks their personal devices pose to network stability. It’s either that or next year we’ll be talking about a rise in BYOD associated security breaches yet again.

Did you like this post ? TheTelecomBlog.com publishes daily news, editorial, thoughts, and controversial opinion – you can subscribe by: RSS (click here), or email (click here).

Written by: Matt Klassen. www.digitcom.ca. Follow TheTelecomBlog.com by: RSS, Twitter, Facebook, or YouTube.

Comments on this entry are closed.

Previous post:

Next post: