Are businesses rushing to BYOD too quickly?

From big-time security concerns to shaky business benefits to controversial user policies, the reality behind BYOD is beginning to emerge. Companies may need to slow down and take measure before one of these harsh realities--such as running afoul of compliance law - smacks them in the face.

Are you breaking the law with your BYOD policy?

In a TEKsystems June survey of 3500 tech professionals, 35 per cent of IT leaders (such as CIOs, IT vice presidents and directors) and 25 percent of IT professionals (such as developers, network admins and architects) are not confident that their organisation's BYOD policy is compliant with data and privacy protection acts, HIPAA, Dodd-Frank or other government-mandated regulations.

Half of the respondents also believe that 25 per cent or more of sensitive data is at risk due to end users accessing this information over personal devices.

These and other alarming findings paint a disturbing picture: The race to embrace BYOD might be outpacing sound business practices.

There's no question the BYOD push has begun in earnest. Many employees use their personal mobile devices for work purposes. Some companies are even mandating employees supply their own phones for work. According to a Gartner survey of CIOs, half of employers will require employees to supply their own device for work purposes by 2017.

[ Slideshow: 10 BYOD Worker Types ]

What's behind this trend? BYOD carries an array of perceived business benefits that drive adoption. The TEKsystems survey points to five:

  • Greater accessibility, meaning the ability to get a hold of an employee who never goes anywhere without his or her personal phone.

  • Higher employee satisfaction, meaning that employees are happier because they have the freedom to use technology that they actually want to use.

  • Improved worker productivity, meaning that happy employees are more productive.

  • Better customer satisfaction, meaning that IT can improve their response time to customer questions and issues. (For more on this, check out Will BYOD Give Rise to the Enterprise Genius Bar?)

  • Cost savings, meaning that IT no longer has to pay for company-issued mobile devices if employees opt-in for BYOD.

But, again, BYOD's perception doesn't always mesh with reality.

More than half of the respondents, for instance, said BYOD was only middle-of-the-road effective to completely ineffective in delivering better customer satisfaction and cost savings. With improved worker productivity, the jury seemed split: Half said BYOD was effective, half said BYOD was middle-of-the-road effective to completely ineffective.

From the employees' perspective, it doesn't get much better.

Many respondents said that clear BYOD policies, as well as communication of those polices, is somewhat lacking. The survey results echo other BYOD experts who claim that end-user policies are filled with legal jargon that heavily favors corporate rights to access data over an employee's expectations of privacy, thus leading to a trust gap between workers and employers.

From big-time security concerns to shaky business benefits to controversial user policies, the reality behind BYOD is beginning to emerge. Companies may need to slow down and take measure before one of these harsh realities--such as running afoul of compliance law - smacks them in the face.

Tags: Consumerization of IT | BYOD, federal compliance laws, applications, bring your own device, CIO, IT management, mobile, mobile devices, privacy, BYOD, consumerization of IT, Gartner, privacy protection, security, legal, software, data protection, compliance

VMware promises Heartbleed patches for affected products by the weekend

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Cloud Trust Authority

Reduce complexity and increase trust for public cloud service providers and their customers.

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.