In this busy world it is quite difficult to manage professional, personal and social existence. A person is involved everywhere and it is expected from the person to be obeyed towards his work. Organization with the aim of superior growth gives more flexibility to its employees and allows them time flexibility, cell phone uses, use of office Wi-Fi etc. BYOD (Bring Your Own Device) is an evolving concept in modern organizations.
Employees stick to their devices every time, but they are often unaware about security risk associated with usage of personal device. They literally give little importance or totally unaware about BYOD policy of organizations. These are some findings of a survey taken out by security expert Absolute Software.
The survey Objective:
The object of survey was to discover and understand the attitude of employees towards BYOD (Bring Your Own Device) policy, data security, privacy, and responsibility.
What is BYOD?
Before revealing further about the survey, we should focus on BYOD. It means when an employee use his laptop, Smartphone, PDAs at both work place and home. There should be a strict policy about device usage to secure official data of company. In this regard, BYOD policy comes into existence. BYOD policy makes their employees secure and help IT department to handle such devices by obeying company security parameters.
The Survey Methodology:
The survey was conducted from 15 to 29 November 2013 among 750 US adults who utilize their mobile phone for work purpose. Uses of laptops, iPad, PDAs are not included in this survey; only mobile phones usage details are covered. They are associated with different industries like banking, retail, healthcare, and energy. All these industries have capacity of more than 1K employees.
Lancope and the Ponemon institute have recently done a survey to check the level of awareness about Computer Security Incidents in organization.
Key Findings:
A shocking result came from the survey that compels organizations & employees to think over use of personal device security and its privacy.
- Almost 2/3 employees use their mobile phone for both personal and official use. More than 50% employees have their own mobile phone, and the rest use phones owned by the company.
- Almost 71% respondents feel that some of their data on work phone is private. The rest respondents do not keep personal data on a work phone.
- Employees considered many categories like personal email, social media data, music, notes. However, email and contacts ranked as the most vital information stored on a work phone. Personal and work contact and official login details also ranked subsequently.
- 59% employees considered that the corporate data on work phone is worth less than $500. While 60% considered their private data is worth less than $500.
- There were 94% responders believed that their workplace is moderately secured, while 61% said that they need strict security in workplace.
- There were 62% reported that their company follows policy about lost phone. There were 23% respondents do not know about such policy.
- 72% respondents believed that an employer should be penalized for leaking personal data, while 94% agreed that there should be improvement in this regard.
- 75% respondents believed that they should be penalized on losing corporate data, while 25% believed that data security is not their task.
- After losing a work phone, 57% respondents said that they have not still changed their security habits.
- 75% responders said that they should be penalized upon losing a work phone, while many of them who had lost a phone said they are not punished at that time but replaced the device or had a talk with authority.
Tim Williams, director at mobile enterprise data expert and Director, Product Management at Absolute Software said, “If firms don’t set clear policies that reflect the priority of corporate data security, they can’t expect employees to make it a priority on their own”.
From the above survey, it is clear that organizations are not up to the mark in terms of BYOD policy. Employees are not taking security in a serious manner even after losing their device. Such attitude of workers can put organization data at risk and it will be costly for organizations.
