Bring your own device: a major security concern

Similar documents
Trustlook Insights Q BYOD Trends & Practices

MOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner

Poland: Initiative for Polish Industry 4.0 The Future Industry Platform

Smart Home: Technologies with a standard battle

2014 IT Priorities Mark Schlack Sr. VP, Editorial

Cyber Security in Smart Commercial Buildings 2017 to 2021

Paper. Delivering Strong Security in a Hyperconverged Data Center Environment

ENTERPRISE MOBILITY TRENDS

- Samsung Tablet Photo - Tablets Mean Business. Survey of IT pros reflects growing trend toward tablets for workforce mobility and more

Fundamental Shift: A LOOK INSIDE THE RISING ROLE OF IT IN PHYSICAL ACCESS CONTROL

Securing Wireless Mobile Devices. Lamaris Davis. East Carolina University 11/15/2013

2014 NETWORK SECURITY & CYBER RISK MANAGEMENT: THE THIRD ANNUAL SURVEY OF ENTERPRISE-WIDE CYBER RISK MANAGEMENT PRACTICES IN EUROPE

THE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:

Modern Database Architectures Demand Modern Data Security Measures

How to Enable and Secure in the Next Stage of BYOD: Reap the Benefits of Bring Your Own Laptop

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

The security challenge in a mobile world

U.S. State of Cybercrime

Microsoft 365 Business FAQs

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN

MOBILE DEVICE MANAGEMENT OR PRETTY MUCH EVERYTHING YOU NEED TO KNOW ABOUT MOBILE DEVICES IN THE WORKPLACE!

Mobile Device Management: Strategies for Success. Speaker: Keith Leone

Second International Barometer of Security in SMBs

10 Hidden IT Risks That Might Threaten Your Business

The CIO s BYOD Toolbox: Top Trends for HIPAA Compliant mhealth

WHY MOBILE SECURITY SHOULD BE IN YOUR TOP PRIORITIES

Converged Infrastructure Matures And Proves Its Value

TRUSTED MOBILITY INDEX

KNOWLEDGE GAPS: AI AND MACHINE LEARNING IN CYBERSECURITY. Perspectives from U.S. and Japanese IT Professionals

Spotlight Report. Information Security. Presented by. Group Partner

The Quick-Start Guide to Print Security. How to maximize your print environment and minimize security threats

As Enterprise Mobility Usage Escalates, So Does Security Risk

Data Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices.

2018 Mobile Security Report

Rethink Enterprise Endpoint Security In The Cloud Computing Era

THE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:

Internet of Things Toolkit for Small and Medium Businesses

The Growing Impact of Mobile Messaging

Mobile Security / Mobile Payments

mhealth App Developer Economics 2016

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

ENDPOINT SECURITY WHITE PAPER. Endpoint Security and the Case For Automated Sandboxing

Good Technology State of BYOD Report

Real estate predictions 2017 What changes lie ahead?

Security Solutions for Mobile Users in the Workplace

Securing Today s Mobile Workforce

MaaS360 Secure Productivity Suite

DIGITAL TRUST Making digital work by making digital secure

Five Reasons It s Time For Secure Single Sign-On

Hyperconverged Infrastructure: Cost-effectively Simplifying IT to Improve Business Agility at Scale

Mid-Market Data Center Purchasing Drivers, Priorities and Barriers

What BYOD and CYOD mean for workplace transformation

Trinity Multi Academy Trust

Evolution For Enterprises In A Cloud World

IT Implications of BYOD in the Cloud Era

Mastering The Endpoint

Clarity on Cyber Security. Media conference 29 May 2018

2015 VORMETRIC INSIDER THREAT REPORT

Contents. Enterprise Solution 04. Why Samsung? 05 WLAN 06. Voice Solution 08. Mobile Unified Communications 09. Enterprise Security 10

THE STATE OF CLOUD & DATA PROTECTION 2018

Securing Institutional Data in a Mobile World

Mobile App Security and Malware in Mobile Platform

2014 NETWORK SECURITY & CYBER RISK MANAGEMENT:

State of SMB IT 1H 2012

Secure Access for Microsoft Office 365 & SaaS Applications

The Next Generation of Credential Technology

Samu Konttinen, CEO Q4 / 2017 CORPORATE SECURITY REVENUE GROWTH ACCELERATED TO 16%

Public consultation on Counterfeit and Piracy Watch-List

CHALLENGES GOVERNANCE INTEGRATION SECURITY

HEALTHCARE CYBERSECURITY CIO BAROMETER !!!!!!!!!!!!!!!!!!!

Taking Back Control of Your Network With SD-LAN

Building a Threat Intelligence Program

CLOUD ORCHESTRATION. A global trend in the context of digital transformation

INDIA The Changing Face of the Workplace: Going Light and Mobile

3-Part Guide to Developing a BYOD Strategy

Get Ready for Wearables at Work. Survey of IT pros reveals drivers, benefits, and challenges of supporting wearables in the workforce

MOBILE SECURITY. Fixing the Disconnect Between Employer and Employee for BYOD (Bring Your Own Device)

STUDY REVEALS GROWING DEMAND FOR HIGH-SPEED DATA COMMUNICATIONS

Samu Konttinen, CEO Q3 / 2017 CORPORATE SECURITY REVENUE UP BY 11% - GOOD GROWTH CONTINUED

Wireless Best Kept Secret For Now

Get Connected: Building your Digital Workplace

Lookout's cybersecurity predictions

Cloud Communications for Healthcare

BYOD: A Global Perspective

Secure access control:

BlackBerry UEM is a Wise Investment for ABANCA

Build Your Zero Trust Security Strategy With Microsegmentation

Make security part of your client systems refresh

Information Security BYOD Procedure

The future of UC&C on mobile

Mobile Experience and Security - A Delicate Balance. Jeff Keller, CISA, CIA, CFSA SVP/Senior Audit Director, Technology, Projects, Due Diligence

Thin Clients as Attractive Solutions for Cost Effective, Secure Endpoint Management

Global Mobile Consumer Survey, US Edition Overview of results

IT & DATA SECURITY BREACH PREVENTION

US 2013 Consumer Data Privacy Study Mobile Edition

BIG IDEAS FOR SmAll BuSInESS:

Executive Summary...1

The State of the Trust Gap in 2015

ACHIEVING FIFTH GENERATION CYBER SECURITY

Flyer 1. Meet evolving enterprise mobility challenges with Samsung KNOX

Transcription:

Digital Transformation Monitor Bring your own device: a major security concern May 017 Internal Market, Industry, Entrepreneurship and SMEs

Bring your own device: a major security concern Rawpixel.com/Shutterstock.com More and more businesses are introducing Bring Your Own Device (BYOD) programmes believing that by allowing their employees the use of their own familiar devices to work, they will increase productivity while reducing costs. Simultaneously mobile malware reveals to be one of the ten most common attack types 1 making the corporate network vulnerable, and therefore requiring a stronger IT security system. 1 BYODs - gaining traction in the business world BYOD or Bring Your Own Device refers to an increasingly popular trend in the business world which allows employees to bring their own computing devices including smartphones, tablets, laptops and wearables to their workplace for business use. BYODs might also be referred to as employee-owned devices as opposed to corporate-owned devices, or personal-liable devices as opposed to corporate-liable devices. Simultaneously, smaller business are more likely than bigger companies to jump on the BYOD trend. According to a TechPro survey led in 01, 71% of the small businesses were already allowing BYODs, compared to only 5% among big businesses. It has to be pointed out that European businesses are significantly lagging behind their North American colleagues regarding the overall adoption of BYODs. In North America, over three-quarters of business smartphone users bring their own device to work. In Europe, on the other hand, corporate-liable devices keep dominating the global installed base of business smartphones. In the first quarter of 015, 61% of all business smart phones in Western Europe were corporate-liable. In Central and Eastern Europe, the rate of BYOD devices shipped was slightly higher in the same period (1%) while remaining far inferior to the number of BYODs sold in the US. European businesses are thus approaching this trend more cautiously than their American colleagues. More personal-liable than corporate -liable devices Source: Strategy Analytics BYOD smartphones shipments 61% Use of the BYOD concept - driving growth in the mobile business device market The market for business smartphones has been steadily growing. According to a Strategy Analytics study, business smartphone shipments accounted for 7% of the global market in 015 compared to.6% in 01. This increase in shipments was driven by BYODs that made up for almost two thirds of all business smartphone shipments in this period. A similar trend can be observed in the tablet market, in which the proportion for business owners is estimated to increase from 1% to 0% in the 015-00 period 5. More and more entreprises allow the use of personal devices BYODs in the office presence and modes of usage Typically, personal mobile devices are used to access the corporate network for emergingedtech.com communication, presentation, databases, download and share documents and files. The LinkedIn Information Security Community reported in their latest survey that for 8% of respondents, email, calendar and contact management are the most common applications used via BYOD followed by document access and editing (5%), access to Intranet (%) and finally access to SaaS applications such as Salesforce (%). Source: TechPro

Bring your own device: a major security concern Advantages of the BYOD concept Increasing productivity One of the expected benefits associated with the adoption of the BYOD concept is an increase in the efficiency of employees due to working in a comfortable environment. By adopting BYOD, employees can work in a consistent and flexible mobile environment. At the same time, as they are already familiar with the system used, productivity can be increased. Studies estimate that employees using the BYOD concept work up to additional hours each day, checking and sending emails as well as making/taking calls 6. Moreover, employees check their messages 0 times more per day if they have access to their work emails on their personal devices. Increasing employee satisfaction Another significant advantage of the BYOD concept is its positive effect on employee satisfaction. The BYOD concept allows employees to use the device of their choice for work even if they have to buy them themselves. Forrester study 5 notes that 55% of tablet users bring their own device to work because their company did not want to purchase them even though they felt they needed them. By adopting the BYOD concept, this problem can be directly solved. Encouraging mobility The BYOD concept is naturally linked to the growing mobility of employees that spend most of their time outside the office. However, in some specific markets where mobility is seen as primordial (eg. healthcare) the sensitive nature of the data imposes specific care in the implementation of the BYOD concept and will require enforced security. Governments are also expected to oppose the BYOD concept due to the sensitivity of the information treated. Employees work more with BYOD hours More per day Source: BMC 9 Saving equipment costs The BYOD concept allows companies to shift their equipement costs to the employee as they have to purchase their own devices. This allows companies to cut costs related to the acquisition of devices and related expenses (voice and data plans, maintenance, repair etc.). By adopting the BYOD concept IT systems can increase the support they offer as the investments previously used for the acquisition of devices can now be shifted to their maintenance 7. Strong security concerns despite BYOD benefits The risk of losing corporate data As the concept of BYOD involves the mix of personal and company data on the same device, security concerns about the safety of corporate data can increase. An attack on an employee s mobile phone can compromise the company s entire security system. Losing critical company data, and especially customer data represents the major concern for most of the companies not yet having adopted the BYOD concept. 7% of respondents of a TechPro survey ruled out BYOD due to security reasons. Other concerns include unauthorized access to company data and systems, the downloading of unsafe apps or content, the loss of devices, malware and the exploitation of vulnerabilities. Who is responsible for setting up the BYOD policy in your organization? Source: Crowd Research Partners Enterprises are attacked every minutes One attack costs 70 per day to recover Source: Fireeye 10 The need for a stronger security system A LinkedIn survey reveals that security breaches are on the rise with BYOD with 9% of respondents having experienced mobile threats using their devices and 7% of respondents not being sure whether they have been breached. At the same time, 5% of respondents needed additional IT resources to manage mobile security. Further investments regarding the development of mobile applications as well as the time spend on managing the internal network might thus be necessary to protect the company s internal IT system. Box 1: Security failures increased by BYOD 51% of companies allowing BYOD experienced a mobile data breach 8% reported stolen or lost data 1% confidential data stolen 7% information destroyed Source : Ponemon Institutes 8 Steps to limit the risk posed by BYODs The use of personal devices for business purposes has led entreprises to create dedicated policies especially focusing on security and management concerns. The BYOD security policy aims to guarantee the security of the company s corporate network while giving employees the possibility to use their own devices. At the same time, BYOD policy needs include a list of the employees eligible to bring their own devices, the identification of those employees that require access to confidential and sensitive information and how they use it.

Bring your own device: a major security concern Separation of corporate and personal information on the device Data security is the main concern with BYOD Implementations of antivirus programs or password protections can separate work and personal information on mobile devices. A further solution to cope with privacy issues has been developed by enterprise mobility management providers such as AirWatch by VMware. Samsung, on the other hand, relies on its Knox offering which provides notably features targeting the BYOD trend with the ability to dynamically switch between a professional and a personal mode on a single device. Both solutions are based on the separation of corporate and personal data on devices through customisable privacy policies that can be based on device ownership type. 5 New trends adapting the BYOD concept COPE the Corporate-Owned Personally-Enabled model The COPE model allowis IT managers greater control over the devices used while not depriving their employees of the devices that make them more productive. Indeed, with COPE, devices are purchased by the company and thus remain corporate owned devices. This makes it easier for the company to protect its IT system as all the employees Large ecosystem to secure BYOD Source: Channel insider use the same device model. This makes it easier for IT managers to manage mobile fleets. Moreover, employees are allowed to use their corporate devices for personal activities and can select their favorite services and applications. They are thus given a certain amount of freedom while keeping the corporate network secure. The only disadvantage of the COPE method is that the company might have access to the employees private information, which some might consider a breach of their privacy. To limit any interference in their employees privacy, companies are therefore trying to delimit clear areas solely dedicated to business activities. CYOD Choose Your Own Device The CYOD offers employees a bit more freedom than the COPE model by allowing the employees to choose their business device from a selected list defined by the company. On one hand this allows employees to express their preferences, on the other hand it allows the company s IT department a certain amount of control over the devices used on the company s network. References 1 Threat Research published in July 016 by Check Point http://www.slideshare.net/hschulze/b yod-and-mobile-security-report-016-01 https://www.strategyanalytics.com/stra tegy-analytics/news/strategy-analyticspress-releases/strategy-analytics-pressrelease/015/06/17/businesssmartphones-shipments-in-q1-up-6- from-last-year-now-7-of-totalsmartphone-market#.vmg1khyve00 http://www.techproresearch.com/artic le/research-byod-booming-with-7- using-or-planning-to-use/ 5 Tablet market report by Forrester Research at https://www.forrester.com/apple+goog le+microsoft+battle+for+enterpriseown ed+tablet+market+making+up+0+of+ Gl 6 http://www.telegraph.co.uk/technolog y/mobilephones/9669/smartphones-andtablets-add-two-hours-to-the-workingday.html obal+tablet+market+by+018/-/e- PRE81 7 http://www.gartner.com/newsroom/id/ 90917 8 http://www.websense.com/content/pon emon-institute-research-report- 01.aspx?cmpid=prnr.9.1 9 http://www.bmc.com/blogs/is-byod-aglorious-boost-to-productivity-or-agaping-hole-in-your-it-security-plan/ 10 https://www.fireeye.com/platform/ov erview-of-advanced-cyber-attacks.html 11 http://www.esg-global.com/mobilityspending-brief Source: CIO advisory

About the Digital Transformation Monitor The Digital Transformation Monitor aims to foster the knowledge base on the state of play and evolution of digital transformation in Europe. The site provides a monitoring mechanism to examine key trends in digital transformation. It offers a unique insight into statistics and initiatives to support digital transformation, as well as reports on key industrial and technological opportunities, challenges and policy initiatives related to digital transformation. Web page: https://ec.europa.eu/growth/tools-databases/dem/ This report was prepared for the European Commission, Directorate-General Internal Market, Industry, Entrepreneurship and SMEs; Directorate F: Innovation and Advanced Manufacturing; Unit F/ KETs, Digital Manufacturing and Interoperability by the consortium composed of PwC, CARSA, IDATE and ESN, under the contract Digital Entrepreneurship Monitor (EASME/COSME/01/00) Authors: Vincent Bonneau & Soichi Nakajima, IDATE; Laurent Probst, Bertrand Pedersen & Olivia-Kelly Lonkeu, PwC DISCLAIMER The information and views set out in this publication are those of the author(s) and should not be considered as the official opinions or statements of the European Commission. The Commission does not guarantee the accuracy of the data included in this publication. Neither the Commission nor any person acting on the Commission s behalf may be held responsible for the use which might be made of the information contained in this publication. 017 European Union. All rights reserved.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback