As eight in ten organisations say they actively encourage their employees to use their own devices for work (BYOD), fears about the associated cyber threats are growing.
The rise in remote working has brought with it a surge in the number of people using their own personal devices for work - including computers, tablets and smartphones - a trend known as Bring Your Own Device (BYOD). But experts are warning that businesses are ill-equipped to deal with growing security threats such as malware and data theft associated with BYOD.
The 2021 BYOD Security Report, published by Bitglass in a joint venture with Cybersecurity Insiders, has found that many enterprises are "running blind" when it comes to securing BYOD devices against today's cyber security threats. The issue is critical, it says, because many businesses are moving to permanent remote work or hybrid work models.
The study's findings show that 82% of organisations said they now actively enable BYOD to some extent, with 47% saying the use of personal devices for work has gone up in the past year.
However, cyber security professionals are worried about the impact of the rise in BYOD:
- 62% said their most critical concern is data leakage or loss;
- 54% are worried about users downloading unsafe apps or content;
- 53% have fears about devices being lost or stolen;
- 51% are concerned about unauthorised access to company data and systems.
Suggesting that businesses are ill-prepared when it comes to cyber threats, the findings reveal that nearly half of those polled (49%) said they "are not sure or could not disclose … that unmanaged devices have downloaded malware in the past 12 months".
The study also raises concerns that many organisations are securing BYOD with old tools to protect against modern threats - 41% are relying on endpoint malware protection for BYOD and 30% don't protect against malware for BYOD at all. Just 11% of respondents said they use cloud-based malware protection tools.
"As mobility and remote work environments keep growing, so do challenges ranging from managing device access to handling urgent mobile security concerns," said Holger Schulze, founder, Cybersecurity Insiders. "Our research uncovered a plethora of evidence that shows organisations are not paying enough attention to securing unmanaged personal devices and why the time is now for them to think differently when it comes to securing BYOD."
Anurag Kahol, cto at Bitglass, added: "As enterprises begin to shift to hybrid work environments, personal devices will provide the flexibility and remote access that employees require. This new way of working, however, will undoubtedly stretch the resources of security teams. This is why there has never been a more important time for enterprises to seriously rethink their approach and secure all forms of communication amongst users, devices, apps or web destinations."
Written by Rachel Miller.