Mobile boom turns BYOD into unmanaged risk, Check Point finds

BYOD soars, networks judder

The challenge of securing mobile technology is starting to overwhelm some IT departments, with many BYOD smartphones and tablets left in an unmanaged state despite the risk of data loss, a global survey by Check Point has found.

It would be easy to dismiss yet another survey on mobile data security as ambulance chasing by a security firm, but Check Point's interrogation of 790 IT professionals in the US, Canada, UK, Germany and Japan (of different sizes) revealed a plausible degree of chaos.

First the numbers, with nearly half of those questioned describing a fivefold increase in mobile devices compared to two years ago.

BYOD probably explains much of this surge with 67 percent saying that their organisations had personally-owned devices connecting to their networks. A curious 2 percent even said that they only had personally-owned mobile devices on their networks.

The bottom line is that networks are suddenly inundated with mobile devices, particularly the harder-to-manage ones such as tablets and smartphones.

Most think this is a problem, with two thirds worried about the risks to corporate data and the physical resources that live on them posed by the BYOD boom.

Surprisingly given this worry, 63 percent stated that they had no policy for managing the data on privately-owned devices, although this was less true as organisations increased in size.

Looking at organisations with under 1,000 employees, only 17 percent had some form of "technical approach" to managing data on BYOD.

The most common form of data held on BYOD devices was business email (88 percent), contact information (74 percent), and a corporate calendar (72 percent). Customer data was also present just over half of the time.

The survey found clear evidence that security incidents on mobile devices can be expensive, with 16 percent of respondents mentioning a total cost of $500,000 (£328,000) or higher. A further 26 percent pegged it at somewhere between $100,000 and $500,000.

This probably isn't as alarming it sounds; any large organisation is going to face significant costs from the loss, damage or theft of mobile devices.

Most of the time, employee incompetence was seen as a greater risk than that of cybercriminals.

"Without question, the explosion of BYOD, mobile apps, and cloud services, has created a herculean task to protect corporate information for businesses both large and small," said Check Point's security researcher, Tomer Teller.

But why are so many organisations not managing data on employee devices? One answer is the lack of affordable tools, a particular issue for smaller firms.

"Companies have been overwhelmed by BYOD, and they are evidently still trying to get to grips with the problem, especially firms with 1000 employees or less.," said Teller.

"I believe part of the reason is that smaller companies will typically have fewer IT resources available to audit what personal devices are in use and manage and secure corporate data on them, and they also may not be fully aware of the tools and policies that can help them control this issue," he said.

Join the CSO newsletter!

Error: Please check your email address.

Tags check pointPersonal TechsecuritySME

More about Check Point Software Technologies

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts