Bring Your Own Device – it’s a seemingly spooky term that was repeated across the show floor last week during the RSA Conference in San Francisco. It boils down to the fact that employees are using their own devices on the corporate network and IT administrators and business leaders have to prepare.
The thing about it is - there’s nothing to prepare for. It’s already happened, and the BYOD phenomenon as it is being promoted has been around for years. The notion that a business has to deal with the risk these devices pose was a constant during the Expo’s operation during RSAC. Yet again, this is nothing new either.
A recent Pew Internet study said that, as of February 2012, 46-percent of American adults are smartphone owners. Within that percentage, 20-percent of those smartphone owners named Android as the platform they run, while 19-percent reported that they use an iPhone. Blackberry, Windows Mobile, and Palm rounded out the list with less than 12-percent of the total remainder.
Connecting that to the IT world, a Web study from ESET noted that 80-percent of the employed adults who took part said they use some king of personally owned device for work.
Within the 80-percent from ESET’s study, 24-percent admitted to using a smartphone to store company information or access it; but this climbs to 41-percent when you talk about laptops, and oddly it jumps to 47-percent when it comes to desktops. (We’re thinking that with the inclusion of desktops, this stat focused on telecommuting initiatives.)
According to ESET’s Cameron Camp, “less than half of all devices in the BYOD category are protected by the most basic of security measures.”
Across the entire BYOD spectrum, encryption of company data is only happening on about one third of devices, he added.
“These things are relatively easy to do on the most widely used BYOD devices where these features are often built in, so the cost is low: basically the price of a little security awareness and education. The cost of not taking these steps could be suffering the scariest kind of security breach, the kind that was easily preventable by basic BYOD security best practices,” Camp said.
Granted, while the basics mentioned by Camp are a great start, they’re not all that can be done. However, as has been the case for years now, BYOD is managed on a case-by-case basis after risk has been assessed.
The thing about RSA is that often, vendors talk about last year’s issues, so the notion that BOYD is here may well be a theme for 2013.