Simply Security - News, Views, and Opinions from Trend Micro

Posted on August 17th, 2012 in Mobility by Simply Security | Be the first to comment | Tags: Mobility

One of the big trends in office management these days is BYOD (bring-your-own-device) programs.

One of the big trends in office management these days is BYOD (bring-your-own-device) programs. Considering that employees already have their own smartphones and laptops and understand how to use them – and are bringing them to the office regardless of corporate policy, some organizations have taken the opportunity to cash in on this free device upgrade and integrated them into regular system usage.

The problem, however, is that these companies aren't taking data security into account as immediately as they are granting these tools business access. That could lead to a huge problem as IT rushes to try to fill in the gaps, both in terms of data theft and software implementation. The longer it takes to integrate firewall and endpoint security, the more funding a company theoretically expends on those man hours dedicated to ongoing upkeep.

More money, more problems

A report from Osterman Research found that businesses are already feeling the BYOD backlash in the regular bottom line. The results, published by eWeek, stated that mobile device management (MDM) required about three to four people on average per company, with a minimum of 4 projected by next year. Two years ago, it only took half as many people to manage BYOD programs, and this trend is expected to continue to climb in coming years.

"The increasing complexity associated with mobile device management in the workplace is being driven in large part by the growing number of personally owned devices or BYOD that are being used by employees alongside company-supplied devices," said Michael Osterman, in charge of the research study. "Organizations that do not address MDM properly face a growing set of risks, including an inability to adequately secure and retain data on mobile devices, greater downtime, higher IT costs, regulatory compliance violations and reduced employee productivity."

Higher cost solutions

Osterman isn't the only one warning businesses about endpoint security problems in relation to BYOD. Redmond Magazine also published the results of a study that found more thatn 40 percent of respondents though implementing cost-effective security solutions for personal device management.

One of the largest concerns was the potentional of an employee losing a smartphone or tablet regularly used for business, the source reported. Losing a device could grant immediate access to corporate files and other information to outsiders, and more than one-fourth of IT personnel felt that made them unsafe to maintain as part of the business infrastructure.

The Wall Street Journal commented that companies are trying to spend more to manage the threat personal mobile devices pose, at the same time continuing to encourage their use as an enterprise-level solution. These two data security standards contradict one another, the source points out, which may explain why costs continue to rise where this is standard operating procedure for handling regular job duties.

Mounting monetary issues

That being said, there's no shortage of the number of offices looking to move in this direction. Accepting mobile devices into the workplace is still seen as a cost savings and a way of increasing employee engagement, as management is convinced these products will still be present and in use by workers even if they are banned or granted restricted access. Despite knowing how negatively these tools can impact server security, the Wall Street Journal reported more than one-third of corporate leaders are afraid of data loss from these BYOD services, while 50 percent will still put them in place by the end of next year. What's more, seeing as these advanced technological tools are already in use within the office sphere, companies looking to use high-end tech without having to make the expenditure themselves will continue to see a savings represented by BYOD.

Red Orbit pointed out though that these solutions aren't really enterprise-ready unless they are owned and maintained by the corporation. A review by Juniper Research found that the rate of adoption for BYOD services will double by 2013, constituting more than 350 million employee-owned tools in the workplace. The report labelled this a "security nightmare," saying that networks and internal services weren't prepared for such an influx, and getting them ready or playing catch-up with new implementation would create huge spending overheads for these organizations looking to pursue opportunities with employee-owned tech.

Adding new systems to an office environment can be a difficult solution, especially when such a double-edged sword is presented. On the one hand, there are the benefits of a mobile workforce and a built-in cache of new technology that employees already know and like to use. On the other, however, these privately-owned devices can present a huge data protection problem, and organizations aren't prepared to take on all the threats and costs they would need to tackle to adequately protect themselves in most cases.