One in four organizations use only passwords to secure BYOD

Allowing employees to access corporate data via their own devices is increasingly popular, but it does present risks if not implemented correctly.

A new report from data protection company Bitglass finds one in four organizations do not have multi-factor authentication methods in place to secure BYOD -- a well-known enterprise security gap.

This is despite the fact that single-factor authentication, via passwords to control user access to corporate data, has resulted in several high-profile data breaches in recent months, including Zomato, Deloitte and Microsoft.

"Enterprises often misjudge the effectiveness of traditional security solutions, many of which are readily bypassed," says Rich Campagna, CEO of Bitglass. "The BYOD boom exposes organizations to risks that can only be mitigated with data-centric solutions that secure access."

The report based on responses more than 200 IT and security professionals surveyed at the Gartner Symposium/ITxpo conference also highlights the top cloud security priorities for organizations. BYOD security and access are clear concerns, as external sharing (45 percent), malware protection (40 percent) and unmanaged BYO device access (40 percent) top the list.

There are reservations about Apple's Face ID technology too, with 61 percent of respondents harboring concerns. Top Apple Face ID worries include accuracy of face detection (40 percent), prevention of unauthorized access (30 percent) and speed of face detection (24 percent).

While three quarters of respondents already have encryption and on-premise firewalls in place to protect corporate data, more are starting to deploy secure web gateways and cloud access security brokers to beef up BYOD security.

You can find out more in the full report available from the Bitglass website.

Photo credit: Sarawut Aiemsinsuk/Shutterstock