Use of personal devices in the workplace causes headaches for chief information officers

According to a survey of 300 CIOs from the United States and the United Kingdom by Mformation, an independent vendor of mobile device management, 76 per cent of CIOs are concerned about personal devices accessing the network, while 78 per cent do not know what devices are connected to the corporate network.

A third also said that they are not able to track data on devices that they themselves issue to employees. Also, in the event that a device is ever lost or stolen, only 56 per cent of businesses are able to secure them.

Todd DeLaughter, CEO of Mformation, told SC Magazine that there is ‘a perfect storm growing' when it comes to this issue and CIOs are asking questions about data security and are concerned on the size of the risk.

He said: “There is a fear of corporate sensitive data getting out and what was amazing to me was the lack of maturity for management of devices, as three-quarters have no idea what is going on. I was amazed as it showed a lack of maturity of deployed solutions for managing mobile devices and that is where there is a large disconnect.

“The smartphone is used for content consumption but the tablet used for content creation and there is a higher security risk in the enterprise where there is corporate data and security concerns. It has taken a while to realise the value of the content of the hardware and also how you manage devices from a total cost of ownership and data security perspective. It is a wide open space that we are trying to manage.”

The survey also asked about the impact of the WikiLeaks incident and what threat that posed, 67 per cent said that this made them more concerned. DeLaughter claimed that this incident proved to be a wake up call for CIOs and CEOs as they were forced to think ‘what if it was me, what can I do to stop it happening to me'.

Relating to this article, Garry Sidaway, Director of Security Strategy, Integralis, posted a blog:

These survey findings underline the consumerisation trend that we have been seeing for a while: The days when the IT team could sit in the corporate bunker and lock down the corporate infrastructure are well and truly over. In our leisure time we take it for granted that we can access information anytime, anywhere, and on any device of our choice. This has set expectations around the way we work, and it creates increased pressure on IT departments to develop and maintain security policies to protect and manage the inherent risks in devices that are no longer under corporate control.

But, the consumerisation of IT can also bring positive benefits to a business. Organisations should embrace this trend to increase productivity and collaboration, or they will face inevitable policy violations. Flexibility in the way we work and share information does not necessarily have to mean compromises in security, but the new consumerised business model needs to be acknowledged and controlled: With robust security policies and procedures based on business goals and a flexible mix of technology and process controls to enforce these policies, we can make security work for the business and the employee.

Having a continued bunkered approach is not an option.

Source: http://www.scmagazineuk.com/use-of-personal-devices-in-the-workplace-causes-headaches-for-chief-information-officers/article/197817/