We couldn’t let this week end without leaving you with another reminder of the unaddressed risks in BYOD practices. It’s a trend that shows no sign of slowing, as the risks may be multiplying faster than IT’s ability and willingness to take control in some organizations.
In a Fiberlink survey conducted by Harris Interactive among 2,064 U.S. adults earlier this year, respondents answered questions about how they use their personal and work-provided mobile devices, how they regard those devices, and which specific risky activities they have performed with those devices.
What have they been up to? Twenty-five percent had opened or saved a work attachment file into a third-party app like Dropbox. Twenty percent had cut and pasted a work-related email or attachment from company email to personal email. Eighteen percent had accessed websites blocked by company policy. Fifty-six percent reported they had not performed any of these activities. Since this is self-reported, we can assume these numbers are skewed to make the respondents look more chaste than they may really be.
Each new survey that is performed shows similar results–company intellectual property is not fully protected, policies are not enforced, and compliance audits are finding that long lists of problems could potentially cause legal, financial, brand reputation and productivity losses.
Looking at one mobile device management feature that brings a measure of control to the non-company-provided devices, the Fiberlink survey delved into whether respondents using personal devices would use a dual persona or dual access app (a feature of the firm’s mobile device management offerings), which would separate all work-related activities and data from personal activities and data on the same device. The results seem to show that with the combination of an effective education effort and a strong policy, more IT departments may reduce their mobile headaches with this approach.
Respondents who identified themselves as employed viewed details on a dual persona app, and while only 11 percent said they were very likely to install it on their personal devices if their employer offered it, a net of 42 percent were at least somewhat likely to install it on their device. (Less than half a percent said they already have and use a similar app.)
Optimistically speaking, we can choose to say that almost half of these respondents are open to the idea of some sort of dual persona or dual access partition on their personal mobile devices. If your IT organization can replace some personal devices with company-provided devices that have partitions, or institute an educational program and policy modification that addresses employees’ unvoiced fears about their own data (and the likelihood that they’ll eventually run into serious troubles with a “whatever I can get away with” attitude), now is the time to turn around this trend of uncontrolled risky behavior on mobile devices.