Over the past four months a huge topic of discussion is a newer concept within IT divisions that there should be more flexibility in allowing tablets, smart phones and laptops of all types into a business. The counter point to this is these devices are made by many different manufacturers and most are not designed to protect corporate data.
So while there is a need to show the world that IT groups are willing to be flexible with almost any device that an employee brings into work, it should be strongly monitored and possibly denied if there is no formal MDM or end point protection.
Here are some of the worrying statistics our survey revealed:
- Across the entire BYOD spectrum, encryption of company data is only happening on about one third of devices.
- Less than 10% of people currently using their own tablets for work have auto-locking enabled.
- People were more security-savvy about their smartphones, with 25% using autolock.
- One third of laptop users have auto-locking enabled, whch means two thirds do not.
- Auto-locking with password protection was enabled by less than half of laptop users, less than a third of smartphone users, and only one in ten tablet users.
Clearly there is a lot of bad news here for BYOD security and you can sum it up like this: Right now less than half of all devices in the BYOD category are protected by the most basic of security measures.
If you are determined to take an optimistic view you could argue that a huge increase from current levels of BYOD security is possible, both cheaply and quickly, by doing the following:
- Turning on auto-locking
- Turning on password protection
- Enabling encryption.