European enterprises cautiously accepting BYOD

Results of the European edition of the ISACA IT Risk/Reward Barometer show slowly growing acceptance of BYOD in the workplace, with 28% of organisations freely allowing the use of personal mobile devices for work, compared with 34% in North America and 48% in Oceania. However, there has been a 20-percentage-point drop in enterprises that prohibit BYOD (down from 58% to 30%).

More than half (54%) of IT professionals in Europe continue to report that the risk of BYOD outweighs the benefit, compared to 15% who say benefits are greater than risk and 31% who say that benefits and risk are balanced.

Yet, despite the risk, 26% of enterprises still do not have a security policy in place that addresses BYOD.

To help control BYOD risk, enterprises in Europe say they have:

• Encryption (48%)
• Password management system (44%)
• Remote wipe capabilities (37%).

“Enterprises in Europe are starting to follow the global trend of employees using their own devices, and are blurring the lines between work and personal activities. Personally owned PCs or mobile devices—typically more difficult to secure than work-issued devices—can increase the risk of data breaches, viruses or malware. Controls and policies need to be enforced with employee training and safeguards to protect enterprises and their employees,” said Ramsés Gallego, ISACA international vice president.

The survey also shows that companies in Europe are increasingly allowing employees to use their work device for personal activities. Nearly 67% of enterprises allow employees to access social networking sites from a work device (34% of those impose some limitations), and 73% allow employees to shop online using a work-supplied device (38% freely allow it and 35% have some limitations).

Employee activities that ISACA members identify as high risk are storing work passwords on personal devices (80% say it poses a high risk to the enterprise) and using online file-sharing services like Google Docs or Dropbox for work documents without the company’s permission (71%). More than half (63%) of organisations prohibit using a file-sharing service for company documents.

On average, enterprises will lose 12,000 Euros in productivity due to an employee shopping online during work hours in November and December, say nearly a quarter of those surveyed. A quarter (26%) believe that employees will spend more than a full work day shopping online during work hours using a personal computer or smartphone, and 25% estimate they will spend more than a full day shopping from a work-supplied device.