Over half of organisations still lack BYOD policy

Nearly four in five organisations do not have a dedicated team to provide IT security services

Despite a surge in the volume of both security incidents and employees using personal devices for work during the coronavirus pandemic, more than half of companies worldwide still don't have a BYOD (Bring Your Own Device) policy in place.

That's according to STX Next, a Python and JavaScript development company, which recently conducted a survey with 250 CTOs and found that 51 per cent of the organisations they represented are yet to roll out BYOD policy for their workers.

The study also revealed that 13 per cent of the companies with a BYOD policy don't use multi-factor authentication.

Nearly 80 per cent of organisations in the survey lacked a dedicated team to provide IT security services, and 60 per cent said they aren't using the services of a specialised cyber security firm.

BYOD is an evolving trend among businesses, where employees are permitted to bring their own devices - such as a laptop, tablet, smartphone or portable hard drive - to the workplace and use them to access the organisation's data and applications.

This practice not only helps organisations to lower their hardware costs but allows employees to use the devices that they are comfortable using.

Some studies have also shown that BYOD devices are often upgraded more regularly than company devices, because of employees' interest in having the most advanced products available.

However, a major concern for most organisations is the possibility of BYOD vulnerabilities. The practice can cause significant security concerns if an employee quits but still has confidential business data on their device.

Moreover, there is always a possibility that this data is intentionally or accidentally leaked, leading to severe consequences for the organisation.

Experts have also raised concerns that businesses will have less control over the security protocols being used on workers' personal devices, making them more vulnerable to malware and cyber attacks.

In July, a survey by Bitglass showed that only 42 per cent of the businesses have some sort of endpoint malware protection installed on BYO devices. 30 per cent of the companies accepted that BYO devices were not protected against malicious programmes by any software solution.

"With remote working becoming one of the most tangible impacts of the coronavirus pandemic, most businesses do not have sufficient visibility of the devices used by employees, and whether these devices are secure enough for accessing company data," said Maciej Dziergwa, Chairman of STX Next, according to ITPro Portal.

"Unfortunately, it seems many still see security as a cost rather than an investment."

"Helping to manage device security - which should include embracing multi-factor authentication at every opportunity - will help security teams maintain the highest levels of vigilance," Dziergwa concluded.