Businesses fail to address consumerisation security risks

UK businesses are failing to protect themselves against the risks posed by staff using their own devices for work, shows a study from Equanet

UK businesses are failing to protect themselves against the risks posed by staff using personal devices in the workplace.

Two thirds of UK IT managers are concerned that the use of personally owned devices in the workplace poses a security risk to their business, according to research by IT services firm, Equanet.

Of more than 1,000 IT managers polled in the UK, 89% said they were unable to ensure that personally owned devices adhered to their company’s security standard.

For most businesses, security checks were not mandatory. Some 92% of IT managers do not request employees regularly change the passwords of their personally owned devices, even when used for work purposes and to carry company data such as emails and documents.

“A fully realised BYOD [bring your own device] policy is beneficial for IT budgets, productivity and employee morale, however clear policies and strategies need to be in place to overcome any possible security issues,” said Charles Barratt, new solutions development manager at Equanet.

Balancing security and benefits of BYOD

There are many different options and types of BYOD schemes, but companies need to find the most practical ways of implementing and financing such schemes and making sure they are risk-free, he said.

The research shows that 10% of IT managers refuse to let personal devices connect to their networks. However, many had already embraced BYOD, with 20% of IT managers surveyed confident that personal devices did not pose a threat to their company and actively encouraged employees to sign up to the company’s BYOD policy.

“Confidential, work-related information increasingly passes from work computer to personal device and, while this can enhance the productivity of employees, it needs to be managed,” said Barratt.

As soon as a device connects to a business’s system, it should be subject to the same security safeguards as company equipment, which is why a fully integrated BYOD scheme and policy is vital, he said.

Read more about security and BYOD

Read more on Security policy and user awareness