The Security Executive Council first polled security leaders about the use and policies surrounding use of personal devices (BYOD) in their organizations in 2012. This month, the SEC revisited its original poll to see what had changed in the last six years.
The latest survey found that more respondents are using their own devices at work, more organizations are instituting policies to manage BYOD, and more are also strictly enforcing those policies. However, 21 percent of companies still do not have a policy, and 21 percent have a policy that is not enforced.
As companies are increasingly drawn to the savings in technology costs and reports of improved employee morale and productivity, it’s imperative that security and loss prevention leaders consider and communicate potential risks associated with personal devices in the workplace.
“It is critical to the protection of your company’s data to get the policy right the first time,” said Neil Johnston, SEC subject-matter expert and former senior manager of security technical operations for The Boeing Company. “Once you allow BYOD into your organization, it is difficult to take it away. Also, as technology changes, keep up with those changes in your policy as needed.”
Full results of the poll are posted at https://www.securityexecutivecouncil.com/spotlight/?sid=31272. The SEC’s next poll on BYOD will focus on top security concerns such as data leakage or loss and non-encrypted data or connections.