BYOD risk outweighs benefits: 56% of ISACA’s Indian Survey respondents

Indian edition of ISACA’s online shopping and bring your own device (BYOD) security survey highlights rise in BYOD trends that put enterprises at risk.

ISACA’s fourth Indian annual survey on ‘Shopping on the job - online holiday shopping and BYOD security’ might paint a very bleak picture, when it comes to securing personal devices in the workplace. According to 56% of survey participants, risks from bring your own device (BYOD) usage outweigh the benefits. This is consistent with close to 54% of the participants from India, affirming that their enterprise restricts the use of IT assets for personal purposes.

The ISACA survey finds that 63% of enterprise security incidents can be directly linked to employees’ use of IT assets —35% of incidents from use of personal devices for work activities, and 28% from the use of work devices for personal activities. BYOD culture’s biggest security risk is perceived to be lost productivity and compromised networks.

BYOD security seems to be gaining prominence with enterprises, given that the trend is on an upswing. Close to 70% of respondents said that their enterprises provide security awareness training. Of these, 51% of respondents clarified that their organizations went the extra mile by educating employees about the risks of online shopping and social networking. Nearly 60% of the respondents pointed out that their organizations prohibit access to social networking websites, with 57% monitoring employee Internet usage.

Despite the fact that several respondents’ organizations block access to retail websites (47%), online holiday shopping during work hours is expected to increase in 2011 (48%). Over 72% say that employees are expected to spend between one to two hours shopping online using their work supplied machines (41%) or their personal devices/smartphones (35%).

Apart from BYOD security, the top three high risk activities identified by respondents were: losing a work-supplied device (91%), clicking on marketing emails to access online shopping sites on work computers (70%), and use of working devices to access p2p file sharing networks (68%). According to survey, 41% of respondents opine that their organizations do not provide guidance regarding the use of geo-location services on smartphones and other devices

In all, close to 4740 ISACA members participated in the survey from 84 countries. The Indian edition saw 298 members participating (with 32% of respondents from BFSI and 44% from technology services/consulting being the two largest respondent groups). Close to 50% of respondents hold a managerial position in their organizations. The complete survey is available here.

Please send your feedback to vharan at techtarget dot com. You can follow our Twitter feed at @SearchSecIN

Read more on IT risk management