Mobile connectivity and Bring Your Own Device (BYOD) continue to grow at an explosive rate for the modern company. Sadly though, much of this connectivity is happening outside the view of IT and the security office.

Survey Says

risky-busines-smallestIn a recent survey sponsored by Harris Interactive and Fiberlink, over 2,000 working US adults were asked if they use their personal smartphones and tablets for work activities. Not surprising was that 51% said yes. What was surprising and frankly disconcerting for IT and their information security cohorts, is that many of these workers are treating company data as recklessly as they would a soccer schedule or recipes.

For example, among employees who use mobile devices for work (either their own or employer-issued), the survey showed:

  • 25 percent have opened/saved a work attachment file into a third-party app (e.g., QuickOffice, Dropbox, Evernote).
  • 20 percent admit to having cut/pasted work-related email or attachments from company email to their personal email accounts.
  • 18 percent say they’ve accessed websites that are blocked by their company’s IT policy.

These numbers become even more startling when the survey also revealed that less than one-half of 1% of users has any level of corporate security installed on their devices.

The chances of a malicious attack are slim (for now), but accidents happen every day on devices as we evolve from using our thumbs over our index fingers. One wrong swipe and an employee has now shared sensitive financial data on Facebook or pinned schematics on Pinterest.

Light at the End of the Tunnel

To protect devices entering the workplace, solutions like Enterprise Mobility Management for device, app and content security can help IT gain tighter controls without sacrificing the true freedom of BYOD.

In addition Dual-Persona offerings, like MaaS360’s Secure Productivity Suite, keep all work and personal information separate. IT sets the security policies like passcode strength and sharing options like to “cut and paste, or not to cut and paste.” With these controls in place, all mobile data adheres to overarching corporate security policies and stringent regulatory concerns for industries like healthcare, financial and public sector.

“Hmmm, I don’t think my employees would go for that.” Not so fast, when asked in the survey over 61% said they were somewhat likely to support IT assistance with security as long as they could keep using their own device.

If you choose not to support smartphones and tablets, our survey clearly shows people will find a way to connect WiFi and email regardless. If you are supporting mobile device connectivity without enterprise mobility management, be ready for the inevitable, not probable, data leakage event.