The research, which surveyed 1,000 UK employees, also revealed that 67 per cent do not ensure that they comply to, or they do not know of, any specific guidelines that are in place with regards to the use of personal devices for work purposes.
In addition, only a quarter (25 per cent) of workers are totally confident that their personal device had been secured by their IT departments and over a fifth (21 per cent) admitted that they do not even alert their IT departments to the fact that they use personal devices for work purposes – putting their companies at further security risk.
“Information security is understandably of great concern to IT professionals and this research underlines the central position this should take when deciding on corporate IT policy,” said Nick Lowe, VP of Sales and GM EMEA, AppSense. “However, what this research makes clear is that while many have the best of intentions, there are still prominent gaps between where IT departments are in securing users and devices and where they should be.”
In the same study AppSense also surveyed 100 UK-based IT decision makers (ITDMs), of whom 46% admitted to not having a clearly defined bring your own device (BYOD) policy in place for mobile phones and tablets. This was in spite of the fact that ITDMs stated that 60% of the devices that they currently provide to employees are mobile in nature.
For those ITDMs who do have a BYOD policy in place things looked equally dire with only one per cent able to say that three quarters or more of their workforce are actively enrolled within their organisation’s BYOD programme – indicating that security concerns with regards to the consumerisation of IT remains a big challenge for ITDMs.
This was confirmed by ITDM respondents who stated that implementing an appropriate security model (77 per cent), developing appropriate BYOD IT policy (67 per cent) and meeting end-user expectations around corporate IT experience (51 per cent) were the top three concerns faced today.
“While security will always be a priority for IT departments, the right balance between security and a consistent and acceptable end-user experience must be sought in order to promote productivity. Workers have become accustomed to going about their jobs in a way that works best for them, and by putting barriers in place, users will try to find a work around. This is demonstrated by 21 per cent of end-users deciding not alert their IT department to the use of a personal device to access corporate data,” concluded Lowe.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.