Businesses unprepared for security risks from BYOD
A majority of organizations acknowledge that they’re unprepared to deal with security breaches via their BYOD technology.
A new survey released by security awareness training specialist KnowBe4 shows that 53 percent of businesses aren't properly prepared to deal with hacked or stolen mobile devices, even though 50 percent indicated that company-owned tablets, notebooks or smartphones may have been hacked in the past year.
The joint study carried out by consulting firm ITIC shows that 55 percent of companies are not increasing or strengthening their security despite recent high profile attacks against companies like Snapchat, Skype and Target.
The results show that 65 percent of businesses now allow end users to BYOD and use their own systems as corporate desktop or mobile devices to access organizational data including email, applications and sensitive information. This is attractive to companies because it cuts IT costs but comes at the price of increased security risks.
Kevin Mitnick, KnowBe4's Chief Hacking Officer says, "Mobile devices are the new target-rich environment. Based on lessons learned in the early days of the personal computer, businesses should make it a top priority to proactively address mobile security so they avoid the same mistakes [of the PC era] that resulted in untold system downtime and billions of dollars in economic loss".
Other interesting findings are that doubt remains over who is responsible for security on BYOD kit, with 43 percent of companies currently having no dedicated BYOD security policies. Only 13 percent of respondents said their firms had any specific policies in place to deal with BYOD deployments.
80 percent of companies consider strong anti-virus, intrusion detection and firewalls as the most important and effective mechanism to safeguard their networks, followed by endpoint security at 65 percent. Some 45 percent indicated that they were taking additional security measures including making sure the latest patches are installed and conducting security audits.
ITIC principal analyst Laura DiDio says, "These survey findings should galvanize corporations to proactively safeguard data in advance of an expensive and potentially crippling loss or hack".