Leading digital identity expert Intercede has revealed the results of its latest research The Rise of the Identity Centric Economy, which found the security of corporate data across the UK is being compromised by workers’ ignorance of the BYOD policies their employers have in place.
The survey of 1,213 UK employees across a range of industries revealed that almost a quarter (23%) were completely unaware of the BYOD policy of their employer. A quarter of those surveyed accessed company data on their own smartphone or tablet with 7% doing so without permission. Overall, 21% knew they needed permission to access corporate data but hadn’t asked for it, while 40% believed they would be able to access it without prior consent.
Free Download: Is An Outright Ban On Workplace Social Networking A Good Idea?
Currently, 40% of workers use a company or personal mobile device to access secure corporate data with almost one in five (19%) leaving themselves signed in at all times. Just 5% of respondents were concerned that if they lost their handset, corporate information would be compromised, thereby highlighting the need for robust security measures on the handsets themselves.
Of those who have password protection in place, 21% of employees were put off logging-in on mobile devices due to credentials being “too long and complicated to remember,” while 12% believed the whole process was too complicated and avoided using mobile devices for work purposes at all. Most worryingly 8% of workers had used “shadow IT” – methods outside of the company technology team – to gain access to work emails without the company’s permission.
Richard Parris, CEO of Intercede said: “By bypassing companies’ BYOD policies and not taking regulations into account when accessing sensitive data, employees are leaving the back door open to hackers. CIOs are currently in a difficult position. They either ban BYOD completely or implement long, complex passwords, which are vulnerable and unfit for use on mobile devices.
“The best approach is to turn the mobile device from a vulnerability into a secure authentication device which acts as the first line of defence to protect corporate data being accessed on it. The widespread apathy towards company data shown by the report highlights the need for companies to act quickly and robustly to protect their own data or risk major security incidents.”
All figures are based on an independent survey of 1,213 UK employees across all adult age groups conducted by Atomik Research during June 2014.
About Intercede
Intercede’s MyID software enables organisations to create and use trusted digital identities for employees, citizens and machines. This allows secure access to services, facilities, information and networks.
MyID meets the highest government standards yet is simple enough to be deployed onto consumer devices such as smartphones and tablets. Critically, MyID provides an easy, convenient and secure alternative to passwords.
Millions of identities are managed using MyID and Intercede has provided identity verification and management services to global customers for more than 20 years. MyID is a commercial-off-the-shelf software product, designed and developed to be configurable so it can be embedded as the cornerstone of cyber security infrastructure for governments and corporations.
Customers trusting Intercede for secure digital identity include the US and UK governments and some of the world’s largest corporations, telecommunications providers and information technology partners.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.