New Webroot Survey Reveals Company and Employee Disconnect on BYOD Security Policies Unsecured Personal Devices Far Outnumber Company-Managed Devices, Creating a Potential IT Security Gap
BROOMFIELD, Colo., May 21, 2014 /PRNewswire/ -- A new Webroot Mobile BYOD Survey details the security perspective of consumers who use their personal mobile devices for work purposes. Conducted by Webroot, the market leader in cloud-based, real-time internet threat detection, the study indicates that many employees do not take adequate steps to protect company information, a weakness that could result in critical security breakdowns. The study also provides a BYOD Bill of Rights guideline to bridge the gap between employees' preferences and the security requirements of their organizations.
Key findings from the Webroot Mobile BYOD Study include:
- More than twice as many workers report using personal devices than those using devices issued by their employers, indicating a potential IT security gap
- 60% of those using a mobile device for business have either no security or just the default features set on the phone
- Nearly half say they would stop using their device(s) for work altogether if corporate policy required that they install a security app on personal devices used for work purposes
- Employers being able to access employees' personal data emerged as the top worry, with a majority describing themselves as either extremely concerned or very concerned about this
- 73% agree that employees should have some influence on software or security installed on personal devices used for work
The new survey, based on data collected by Harris Interactive, features perspective from more than 2,000 working professionals in the U.S. It concluded that while 62 percent of employees would be receptive to security software on personal devices, these requirements would need to be communicated clearly by their employer. While allowing such devices to access company data provides real business benefits, it can also expose businesses to higher risk of security threats, including phishing attacks, malware, and browser hijacking.
"Companies gain a lot in terms of increased productivity and lower expenses by allowing their employees to use personal devices to access corporate data, but it can create a real challenge for the IT department to secure devices they do not control," said Mike Malloy, executive vice president of products and strategy at Webroot. "We believe a good mobile security app is a critical part of the solution, but the company must work with its employees by proactively communicating and making them part of the security process to get compliance."
What can organizations do?
The BYOD Bill of Rights was created as a guideline to bridge the gap between employees' preferences and the needs of the organization. All professionals should have the following rights regarding their personal devices:
Employees have the right to:
- Privacy over their personal information
- Be included in decisions that impact their personal device and data
- Choose whether or not to use their personal device for work
- Stop using their personal device for work at any time
- Back up their personal data in the case of a remote wipe
- Operate a device that is unencumbered by security apps that significantly degrade speed and battery life
- Be informed about any device infections, remediation or other activity that might affect device performance or privacy
- Download safe apps on their personal device
"We believe a structure such as the BYOD Bill of Rights can be very helpful in creating an open dialog between organizations and the individuals using personal devices and creating security policies that acknowledge the needs of both parties," said Malloy.
Webroot is the market leader in cloud-based, real-time internet threat detection for consumers, businesses and enterprises. We have revolutionized internet security to protect all the ways users connect online. Webroot delivers real-time advanced internet threat protection to customers through its BrightCloud® security intelligence platform, and its SecureAnywhere™ suite of security products for endpoints, mobile devices and corporate networks. Over 7 million consumers, 1.5 million business users and 1.3 million mobile users are protected by Webroot. Market-leading security companies, including Palo Alto Networks, F5, Cisco, RSA, NetCitadel, GateProtect, Microsoft and others choose Webroot to provide advanced Internet threat protection for their products and services. Founded in 1997 and headquartered in Colorado, Webroot is the largest privately held internet security company in the United States – operating globally across North America, Europe and the Asia Pacific region. For more information on our products and services, visit www.webroot.com
© 2014 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, Webroot SecureAnywhere and BrightCloud are trademarks or registered trademarks of Webroot Inc. in the United States and other countries. All other trademarks are properties of their respective owners.