Market research indicates that cybersecurity teams lack the technology and visibility to secure unmanaged personal devices against modern threats. The 2021 BYOD Security Report compiled by Bitglass, a cloud security vendor, found that data loss was the leading concern among 62% of survey respondents.
Other major concerns revolved around users downloading unsafe apps or content, lost or stolen devices and unauthorised access to company data and systems.
“As mobility and remote work environments keep growing, so do challenges ranging from managing device access to handling urgent mobile security concerns,” said Holger Schulze, founder, Cybersecurity Insiders.
“Our research uncovered evidence that shows organisations are not paying enough attention to securing unmanaged personal devices and why the time is now for them to think differently when it comes to securing BYOD,” he added.
According to the research, the shift to remote working during the pandemic resulted in 47% of organisations reporting an increase of personal devices being used for work. As a result, 82% of organisations said they now actively enable BYOD to some extent.
However, most survey respondents didn’t have a clear view of the size of the security problem surrounding BYOD devices. Only 22% of organisations said they can confirm that unmanaged devices have downloaded malware in the last 12 months. However, 49% indicated they are not sure or could not disclose whether unmanaged devices had downloaded malware.
A total of 41% of respondents said they relied on endpoint malware protection for BYOD – an approach that is not ideal for personal devices, which are hard to control and manage. Thirty percent of organisations said they didn’t protect against malware for BYOD at all.
“As enterprises begin to shift to hybrid work environments, personal devices will provide the flexibility and remote access that employees require. This way of working, however, will undoubtedly stretch the resources of security teams,” said Anurag Kahol, CTO, Bitglass.
“This is why there has never been a more important time for enterprises to seriously rethink their approach and secure all forms of communication amongst users, devices, apps, or web destinations,” he added.