Security

Consumer Devices Create Security Headaches for IT

It seems the debate about whether or not employees will be allowed to use personal devices for work purposes is over; the practice is already rampant, according to new research. In a survey of 741 IT professionals, 87% said the employees at their companies are using personal devices for work purposes.

But that doesn't mean IT is happy about it. Among survey respondents, 82% said they're concerned about the use of personal devices for work purposes, and 62% are specifically concerned about network security breaches.

[RELATED: Employee-Liable Smartphones on Corporate Networks]

Dimensional Research, which conducted the study for IT management vendor Dell KACE, found personal smartphones are most often brought to work by employees (cited by 80% of respondents), followed by PCs (69%), and tablets (63%).

Email is the most common business task that employees perform on personal devices (cited by 98% of respondents), followed by calendaring (83%), phone calls (79%), texting (67%), social media applications (38%), other enterprise applications (24%), CRM (15%), and ERP (10%).

Yet IT departments are ill-equipped to deal with the use of consumer products for business, the study found. For starters, some companies don't have a clue how prevalent the practice is. When asked if employees are using unauthorized devices to connect to corporate networks, only 32% of IT pros said no. Another 32% acknowledged that employees use unauthorized devices and applications to connect to the network, while 36% admitted it's possible they just don't know about it.

Many don't know exactly which devices and applications are connecting, either. When asked if they have knowledge of all non‐company devices and applications connecting to the network, just 36% said yes. Nearly two-thirds (64%) admitted they didn't.

In addition to worrying about network security breaches, the IT pros polled are concerned about the possible loss of customer or enterprise data (50%) and the potential theft of intellectual property (48%). Only 18% of respondents said they had no concerns with employees using personal devices for work.

On the policy front, IT pros are in agreement that companies should have a policy in place for supporting personal devices used for work purposes; 88% said it's "important" or "very important" to have such a policy.

But the reality is varied: 19% have a limited list of supported devices; 17% provide support for any device requested; 33% don't support any personal devices; 18% plan to put a policy in place; and 13% have no plans to implement a policy.

A majority of respondents (62%) said they lack the tools needed to effectively manage employees' personal devices.

Subscribe to the Security Watch Newsletter

Comments