Corporate data at risk from workers’ lack of knowledge or concern about BYOD policies
Wide-scale survey shows almost a quarter of workers are completely unaware of their corporate mobile access policies while 40% can access data on devices without permission
LONDON – Leading digital identity expert Intercede today revealed the results of its latest research The Rise of the Identity Centric Economy, which found the security of corporate data across the UK is being compromised by workers’ ignorance of the BYOD policies their employers have in place.
The survey of 1,213 UK employees across a range of industries revealed that almost a quarter (23%) were completely unaware of the BYOD policy of their employer. A quarter of those surveyed accessed company data on their own smartphone or tablet with 7% doing so without permission. Overall, 21% knew they needed permission to access corporate data but hadn’t asked for it, while 40% believed they would be able to access it without prior consent.
Currently, 40% of workers use a company or personal mobile device to access secure corporate data with almost one in five (19%) leaving themselves signed in at all times. Just 5% of respondents were concerned that if they lost their handset corporate information would be compromised – highlighting the need for robust security measures on the handsets themselves.
Of those who have password protection in place, 21% of employees were put off logging-in on mobile devices due to credentials being ‘too long and complicated to remember’, while 12% believed the whole process was too complicated and avoided using mobile devices for work purposes at all. Most worryingly 8% of workers had used ‘shadow IT’ – methods outside of the company technology team – to gain access to work emails without the company’s permission.
Richard Parris, CEO of Intercede said: “By bypassing companies’ BYOD policies and not taking regulations into account when accessing sensitive data, employees are leaving the back door open to hackers. CIOs are currently in a difficult position. They either ban BYOD completely or implement long, complex passwords, which are vulnerable and unfit for use on mobile devices.
“The best approach is to turn the mobile device from a vulnerability into a secure authentication device which acts as the first line of defence to protect corporate data being accessed on it. The widespread apathy towards company data shown by the report highlights the need for companies to act quickly and robustly to protect their own data or risk major security incidents.”
Intercede is a software company specializing in identity and credential management with a global team of experts located in the US and UK.
Intercede’s MyID software enables organizations to create and use trusted digital identities for employees, citizens and machines. This allows secure access to services, facilities, information and networks.
MyID meets the highest government standards yet is simple enough to be deployed onto consumer devices such as smart phones and tablets. Critically, MyID provides an easy, convenient and secure alternative to passwords.
Millions of identities are managed using MyID and Intercede has provided identity verification and management services to global customers for more than 20 years. MyID is a commercial off the shelf software product, designed and developed to be configurable so it can be embedded as the cornerstone of cyber security infrastructure for governments and corporations.
Customers trusting Intercede for secure digital identity include the US and UK governments and some of the world’s largest corporations, telecommunications providers and information technology partners.
Trusted by Governments and Enterprises Worldwide
Where protecting systems and information really matters, you
will find Intercede. Whether its citizen
data, aerospace and defence systems, high-value financial transactions,
intellectual property or air traffic control, we are proud that many leading
organisations around the world choose Intercede solutions to protect themselves
against data breach, comply with regulations and ensure business continuity.