A new piece of research has found that while companies may have a BYOD policy in place – or they certainly should have by now – some employees can be ignorant of said policy, and liable to cause trouble as a result.
This survey from Intercede took in 1,200 UK employees across a number of industry sectors, and found that 23 per cent were completely unaware of the BYOD policy their employer held.
A quarter also admitted to accessing corporate data on their own mobile device, with 7 per cent doing this without permission. 40 per cent believed they didn't need any consent to access business data, though 21 per cent realised they did need permission, but just didn't bother asking.
The survey also pointed to the need for proper security measures on company handsets, with just 5 per cent of those questioned being concerned that if they lost their device, corporate data would be compromised. Consider that statistic in the light of the fact that 40 per cent of staff use a company (or personal) mobile to access secure business data, and 19 per cent leave themselves signed in at all times.
The survey also found that 8 per cent of employees used shadow IT (solutions not approved by the IT department) to read work emails without the organisation's permission.
Richard Parris, CEO of Intercede, commented: "By bypassing companies' BYOD policies and not taking regulations into account when accessing sensitive data, employees are leaving the back door open to hackers. CIOs are currently in a difficult position. They either ban BYOD completely or implement long, complex passwords, which are vulnerable and unfit for use on mobile devices."
He advised: "The best approach is to turn the mobile device from a vulnerability into a secure authentication device which acts as the first line of defence to protect corporate data being accessed on it. The widespread apathy towards company data shown by the report highlights the need for companies to act quickly and robustly to protect their own data or risk major security incidents."