Organizational management policies governing “Bring Your Own Device” (BYOD) usage are poorly developed and inadequate both with respect to their elaboration and implementation, heightening organizations’ vulnerability to cyber security threats, according to results of an IT industry survey conducted on behalf of TEKsystems.
Sensitive organization and employee data is being put at risk due to “immature policies” even as growing use of personal network computing devices for business purposes continues in full swing. Morevoer, the value of BYOD, at least for many organizations, is “mediocre at best,” according to a survey of 1,500 IT leaders and 2,000 IT professionals spanning companies of all sizes conducted for TEKsystems Mobility and Teksystems Networks Services.
Failure to fully elaborate and assure employees’ understanding of and compliance with organizational BYOD policies “creates false and dangerous assumptions,” TEKsystems asserts.
- More than half of IT leaders and 65 percent of IT professionals report that their employers fall within one of three extremes regarding their BYOD policy: either “nothing has been communicated,” “there are no official policy guidelines,” or “employees are not allowed to use their own devices at work.”
- Among the organizations that have some form of BYOD policy in place, approximately only half of IT leaders (48%) and just a third of IT professionals (35%) believe the policy is crystal clear.
Examining assessments of the value BYOD is providing, TEKsystems found that survey respondents “believe their organizations are either achieving middle-of-the-road effectiveness or are completely ineffective across a variety of factors.”
- IT leaders and IT professionals say their organizations are not effective in achieving BYOD’s promise of higher customer satisfaction (60% and 56% respectively) and lower IT expenses (62% and 58% respectively).
- Responses indicate the main value proposition of BYOD to date has been employee satisfaction with 57 percent of IT leaders and 55 percent of IT professionals citing BYOD as improving employee satisfaction by offering greater freedom of choice.
At the same time, “many BYOD policies fail to protect sensitive company data,” according to TEKsystems.
- Seventy-three percent of IT leaders and IT professionals believe that sensitive company data is at risk due to employees accessing information from their personal devices; approximately half feel that 25 percent or more of their companies’ sensitive data is exposed.
- Thirty-three percent of IT leaders and 46 percent of IT professionals confirm that their organizations do not have the capability to remotely wipe data off employee devices if necessary.
- Approximately a third (35%) of IT leaders and a quarter of IT professionals are not confident their organizations are compliant with government mandates.
“Organizations have an obligation to protect sensitive data pertaining to their clients and employees,” commented TEKsystems Research Manager Jason Hayman. “Without formal BYOD plans in place and consistent execution, organizations leave themselves exposed. Additionally, they may be failing to capitalize on the potential benefits of BYOD, including increases in productivity and collaboration.”