Enterprises fail to implement strong mobile security policies

Lack of awareness about BYOD security risks blamed for mobile security gap

Enterprises are failing to implement strong mobile security policies due to a lack of awareness about the security risks posed by BYOD devices, judges Arun Bhattacharya, senior director of product marketing for enterprise mobility at CA Technologies.

"Until recently, the technologies available were limited solely to device management, not end-to-end secure mobility management that takes into consideration the data, applications and integration with enterprise security policies. Over time, devices have become more sophisticated and now demand a more advanced level of security," Bhattacharya tells Sue Poremba, a contributor to the EMCVoice column on Forbes.

In addition, Bhattacharya believes that the absence of a "catastrophic security event" tied to data leakage from a mobile device has made firms complacent.

A survey (.pdf) conducted last year by B2B International on behalf of Kaspersky Lab found that while 65 percent of 2,895 IT professionals polled said BYOD posed a threat to their business, only 14 percent of firms had fully implemented a mobile device security policy.

The IT pros trepidation about BYOD could result from feeling overwhelmed by the task of tracking and security of all of the employees' personally owned devices. "End users are bringing their personal devices onto the network, regardless of whether IT approves or not. That often means that IT does not get the benefit of an increased budget to support these devices," Steve Workman, vice president of product management at LANDesk Software, tells Poremba.

"It's amazing how many companies struggle with what type of policy they should implement. This can be daunting and can slow down adoption of a policy," Workman adds.

For more:
- read Poremba's article
- download the Kaspersky Lab survey (.pdf)

Related Articles:
Mobile device makers to focus on security
Infographic: Two-thirds of IT managers concerned about mobile security threats
Overconfidence could doom SMBs when it comes to mobile security