Tag Archive for: BYOD

Study explores security gaps linked to BYOD initiatives

/in


Details
Published: Tuesday, 22 June 2021 07:49

Bitglass has released findings from its 2021 BYOD Security Report that show the risks associated with the rapid adoption of unmanaged personal devices connecting to work-related resources (BYOD).

The study, a joint venture with Cybersecurity Insiders, surveyed hundreds of cyber security professionals across industries to better understand how COVID-19’s resulting surge of remote work has affected security and privacy risks introduced by the use of personal mobile devices. The insights in this report are especially relevant as more enterprises are shifting to permanent remote work or hybrid work models, connecting more devices to corporate networks and, as a result, expanding the attack surface.

Key findings include:

BYOD is here to stay

The shift to remote work amid the pandemic resulted in 47 percent of organizations reporting an increase of personal devices being used for work. As a result, a total of 82 percent of organizations said they now actively enable BYOD to some extent. While the use of personal devices has helped businesses improve employee productivity and satisfaction, while also reducing costs, challenges associated with managing device access and mobile security remain.

Securing BYOD to prevent data loss/theft is a top concern

The most critical concern respondents expressed was data leakage or loss (62 percent). Other apprehensions included users downloading unsafe apps or content (54 percent), lost or stolen devices (53 percent), and unauthorized access to company data and systems (51 percent).

Enterprises are running blind when it comes to securing BYOD devices against modern security threats

Only 22 percent of organizations indicated they can confirm that unmanaged devices have downloaded malware in the past 12 months. However, nearly half (49 percent) indicated they are not sure or could not disclose whether the same could be said for them. This lack of visibility can be detrimental to the overall business.

Many organizations are securing BYOD with old tools vs modern threats
A total of 41 percent of organizations reported relying on endpoint malware protection for BYOD, an approach that is not ideal for personal…

Source…

Bitglass Report Shows Enterprises Increasing Risk by Enabling BYOD

/in


Securing BYOD to prevent data loss/theft is a top concern.

A new Bitglass report shows that despite the surge in enterprises enabling bring your own device (BYOD), many are unprepared for the associated risks.

Bitglass’ 2021 BYOD Security Report show the rapid adoption of unmanaged personal devices connecting to work-related resources. It also highlights how organizations are ill-equipped to deal with growing security threats such as malware and data theft.

The Bitglass report is a joint venture with Cybersecurity Insiders. It surveyed hundreds of cybersecurity professionals across industries to better understand how COVID-19’s resulting surge of remote work has affected security and privacy risks introduced by the use of personal mobile devices.

The insights in this report are especially relevant. That’s because more enterprises are shifting to permanent remote work or hybrid work models. That means connecting more devices to corporate networks and, as a result, expanding the attack surface.

Enterprises Left Vulnerable

Anurag Kahol is CTO and co-founder of Bitglass.

Bitglass' Anurag Kahol

Bitglass’ Anurag Kahol

“Despite 82% of enterprises enabling BYOD to some capacity, many are still highly unprepared for the risks associated with unmanaged devices,” he said. “Fifty-one percent of the surveyed organizations don’t have any means of identifying vulnerabilities associated with malicious Wi-Fi on personal devices. Even more surprisingly, 49% are unsure or unable to detect whether malware has been downloaded in the last 12 months.”

Key findings from the Bitglass report:

  • BYOD is here to stay. Use of personal devices has helped businesses improve employee productivity and satisfaction, while also reducing costs. However, challenges associated with managing device access and mobile security remain.
  • Securing BYOD to prevent data loss/theft is a top concern. Respondents are most concerned about data leakage. Other apprehensions included users downloading unsafe apps or content, lost or stolen devices, and unauthorized access to company data and systems.
  • Enterprises are running blind when it comes to securing BYOD devices against modern security threats. For example, 22%  of…

Source…

The CSIAC Podcast – Mobile Security – Part 1

/in



BYOD and Enterprise Apps: Balancing Security and Employee Privacy

/in


The COVID-19 pandemic has required businesses all over the world to equip millions of employees to work from home, and, as a result, the “bring your own device” (BYOD) model of IT has never been more prevalent.

If employees are going to use enterprise mobile apps on their own phones, enterprise IT needs to ensure these apps are secure. After all, cyber-criminals are well aware that valuable data is often stored unencrypted on smartphones. That data needs to be protected.

At the same time, IT needs to protect data without compromising employee privacy. The challenge is that many enterprise mobility management platforms are fairly intrusive. Certainly, organizations need a mobile data protection solution to prevent valuable assets, sensitive information, and intellectual property from falling into the wrong hands.

Considering potentially catastrophic reputation damage and the legal consequences that can arise from just a single breach, a complete mobile data protection solution isn’t just optional  — it’s mandatory.

On the surface, this problem may seem like an enforcement issue, causing IT to believe that they should implement new BYOD program policies that clamp down even harder on “rule-breakers” and invest more money in monitoring tools and network security staff. However, a deeper look reveals that the real issue isn’t about enforcement after all, it’s about mobile user privacy.

Employees’ fears are not unwarranted. Many BYOD program policies grant enterprises an unprecedented degree of access and monitoring rights. To achieve maximum protection, some enterprises require employees who use their personal devices for work to deploy enterprise mobility management (EMM) and Mobile Application Management (MAM) tools, which gives their employer access to all their private, personal data on the device and could, in some cases, enable enterprise IT to remotely wipe the phone.

While some CISOs and other security professionals may view this trade-off between a user’s expectation of privacy and an enterprise’s need for security as a “necessary evil” – and there can be some truth in this – the reality is that mobile users aren’t accepting the…

Source…