Trust issues persist in BYOD workplaces
Not all employees are aware of the rigors of BYOD regulation.
The first half of 2012 saw a massive spike in BYOD (Bring your own Device) adoption rates, but now that companies are getting beyond the honeymoon phase many are realizing that their new policies require more attention to detail than previously thought. In exchange for convenience and cost savings, managers have been faced with a number of new questions demanding answers. Most notably, how can a company achieve the proper level of employee oversight without compromising personal privacy?
According to the latest Harris Interactive poll of business professionals, it appears that the majority of companies are still struggling to strike that delicate balance.
An invasion of privacy?
Mobile device management (MDM) software has been a godsend for IT teams, helping them establish the crucial link between each endpoint and a single, centralized management platform. But as employees learn more about the true power of these tools, many are worried about the privacy they could be sacrificing when opting into a BYOD program.
According to the Harris survey, many users were "alarmed" by their IT colleagues' ability to collect personally identifiable information (PII) through smartphones and tablets tied into MDM platforms. The location-based tracking utilities intended to help find and recover lost and stolen devices could also potentially be used to monitor employee travel during and after the work day. More than 80 percent of responding professionals suggested that this constitutes a direct invasion of privacy.
Additionally, MDM platforms afford IT administrators a comprehensive view of application inventories, revealing each personal and professional program downloaded to employee devices. This is important to note considering 76 percent of users indicated that they would not knowingly supply personal app information to their employers.
This lack of awareness could be particularly significant for BYOD workers that use their smartphones and tablets for a very limited set of tasks. As researchers noted, even employees that are merely using their devices to access and return emails are subject to the same level of surveillance as more active mobile workers. Yet when provided with additional education on MDM capabilities, three-quarters of users actually insisted that they would rather go without mobile email access than enable IT to install tracking applications on their personal devices.
"No other IT tool is attached at the hip or full of personal data quite like a smartphone or tablet," 451 Research director Chris Hazelton explained. "Because of this, it is critical that IT is able to provide a level of privacy where applicable, particularly around location and app usage, for the growing number of employees who are choosing to bring their own devices to work."
Mending fences
To ensure BYOD strategies continue to be mutually beneficial arrangements, IT managers will need to strengthen – and possibly regain – employee trust. Although network administrators may not be engaging in the type of nefarious tracking activities outlined above, the study could plant the seeds of doubt within the mobile workforce.
As CIO.com columnist Tom Kaneshige noted, most IT executives really do want to stay as far away from personal data as possible. As their colleagues in the legal department have consistently reminded them, pulling back the curtain on employee information can be a very slippery slope with all kinds of adverse consequences. However, these sentiments must be communicated directly to the workforce by way of explicit policy.
Technical breakthroughs are making it all a bit easier as well, according to Kaneshige. More advanced MDM suites now offer a greater level of segmentation between personal and business assets held on employee-owned mobile devices. For instance, administrators can remotely wipe all corporate data from a smartphone that has been momentarily lost without necessarily deleting the owner's personal media gallery in the process.
Consumerization News from SimplySecurity.com by Trend Micro
Spotlight
Cloud Computing
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
- Wall Street has data security concerns over Bloomberg reporting
- Security in backups means more than just encryption
Virtualization
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Internet Safety
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Vulnerabilities & Exploits
CTO Insights
First Line of Defense
Newsletter
Stay up to date with the latest news and information on online threats.
Recent News
- Businesses demand stronger app security
- Twitter now offers two-factor authentication
- DHS needs better sharing plan, experts say
- Cloud security group develops third-party certification program
Tag Cloud
cloud cloud computing cloud computing security Cloud Security Compliance & Regulations Consumerization Current News cybercrime Data Privacy data security Encryption Government Policy Internet Protection Internet Safety Internet Safety - DO NOT USE Internet Security Malware Mobile Security Mobility Policy Policy - DO NOT USE Privacy Privacy & Policy Private Cloud Public Cloud Reports Research Spotlight threat intelligence threat research Trend Labs Underground Economy virtualization Vulnerabilities Vulnerabilities - DO NOT USE web security web threats
Comments
No comments yet