Australian organisations are putting the personal data of customers and clients at risk through lax BYOD policy implementation, a new report from the International Data Corporation (IDC) has found.
According to the IDC, while many organisations are moving to cater to the needs of employees who wish to utilise personal devices in the workplace, few are taking the adequate vulnerability management steps required to protect user data.
More than half – 55 per cent – of the organisations surveyed by the IDC admitted to having no formal BYOD policy in place for smartphones, whilst 49 per cent said they had no policy in place for tablet usage.
Furthermore, 41 per cent of the near 1,800 participants surveyed by the IDC said that their organisation did not even have policies in place regarding the use of personal laptops.
Associate director of IDC Australia Telecommunications Research Dustin Kehoe says that the takeaway from this survey is all too clear.
"The majority of businesses have jettisoned from corporate-liable policies, and BYOD is in the clear majority. However, nearly half of these businesses have no formal policy and this makes corporate very vulnerable," said Mr Kehoe in a statement released March 4.
As with all new technological initiatives, implementing a BYOD policy requires significant forethought and consideration in order to ensure that it is done in a safe and practical manner.
For one thing, organisations allowing employees to access company servers via their portable devices will want to ensure that staff members are only utilising secure applications that have undergone thorough mobile application security testing.
Any devices with access to confidential material should also be sufficiently password protected, and be equipped with features such as data encryption and remote wiping.
According to the IDC, there is still no exact way to determine the Return on Investment involved when implementing a BYOD policy, as many organisations are still incurring large hidden costs with this technology.
What is for certain however, says the IDC, is that catering for BYOD users makes data significantly less secure.
For that reason, any organisation which is allowing employees to utilise personal smart phones and tablet devices in the workplace must take the time now to ensure it is adequately mitigating the risk of data loss or information theft and protecting the wellbeing of customers and employees alike.