Employers, Employees Still Not on Same Page About BYOD

Sue Marquette Poremba
Slide Show

Five Tips for Overcoming Mobile Security Challenges

If you read this blog or IT Business Edge regularly (and thank you for doing so!), I assume that you care about network security, emerging technologies, and the intersection between the two issues. But it seems like you are in the minority, at least within the workplace. Oh, we all love our technologies and gadgets and whatever will make our work life more efficient and productive. Security, though, remains elusive. This is especially true in Bring Your Own Device (BYOD).

Webroot released the results of a new survey last week that revealed a disconnect between employees and employers when it comes to BYOD use and policies. The survey, which was taken in two steps – the first that asked employees what they are looking for in BYOD policies and the second step that asked employers about BYOD security – found that nobody is taking security as seriously as they should:

While there are some striking areas of agreement, there are also signs that many employees do not take adequate steps to protect company information, a weakness that could result in critical security breakdowns. There is also evidence that employers often only pay lip service to consulting with employees over BYOD security. This can create problems given the large number of personal devices being used for work purposes.

Not surprisingly, the vast majority of employees use at least one personal device for work purposes and BYOD is especially popular among younger workers. On the positive side, nearly all (98 percent) of companies report having a BYOD policy, but (there’s always a but) only a third require mandatory security applications to be installed. That falls nearly in line with the 46 percent of employees who report being wary of mandatory security – it all comes down to privacy really, and what employees don’t want their employers to have access to.

But someone has to take care of security. For the vast majority of employees, their BYOD security is no more than the security functions that came with the device.

The survey doesn’t answer why security continues to lag in BYOD. Is it that employees don’t understand the importance of keeping their devices secure or is it that they don’t trust their employers to not keep personal separate from work? Webroot does provide advice on how to improve BYOD security and eliminate some of the disconnect between employers and employees. It involves communication and education. For instance, make sure that employees are well aware of the risks involved with using mobile devices (I would stress the risk to personal information as well as corporate data) and make sure employees understand security solutions before making them mandatory. I especially like the BYOD Bill of Rights that creates a distinct line between personal and business use, and where employers’ rights to the device end.

You’d think after all these years, we’d have done a better job figuring out the security of BYOD, but this survey shows that we have a long way to go.

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Add Comment      Leave a comment on this blog post
Jul 16, 2014 6:54 AM Johndoe Johndoe  says:
BYOD is nothing but used for company bottomline. Many companies that supply phones to their employees are not upgrading thinking that their employees will be frustrated and bring their own device. The policy has been that it will not be reimbursed, they have to be responsible for all charges and everything. WOW. so the company is off the hook for all even for uses for the employer. Its just like everyone wants green and the only people tha see the real green are the companies. These things like BYOD and be green are just marketing bluff to increase the company bottomline. Reply
Sep 10, 2014 2:36 PM Jose Jose  says:
One reason security lags in BYOD may be that users are not sure how to secure their devices. For example in Windows I can install antivirus, edit the hosts file and close or monitor ports. I'm not sure what tools exist to accomplish those or other equivalent minimum security measures on a droid or iPhone. Apparently some apps are "calling home" and sharing all sorts of information, how would one block such activity? Reply

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.