We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,713 News Articles

Half of Australia business concerned about BYOD access, but few act upon it: Unisys

Few Australian organisations are considering sophisticated security measures.

This is despite more than half of Australian businesses in Unisys2012 Australian Consumerisation of IT research being concerned about employees accessing business data via a smartphone or tablet in the workplace.

Download our Smartphone Super Guide for iPad

Unisys Asia Pacific security program director, John Kendall, attributes this concern to mobility extending the end points of access into the corporate network, beyond office walls and the network firewall.

IT decision makers have consistently cited security as a key issue for a mobile workforce, regardless of whether the devices used are company supplied or owned by the employee, over the last three years that we have run the research, he said.

Kendall says the risks are both accidental, such devices being lost or used by friends or family, and malicious, such as devices being stolen or malware on mobile apps.

Organisations see that mobility in the workplace is inevitable and now they are taking action to minimise the risk, he said.

However, Kendall admits that effective security requires more than managing access to the device and the applications on the device.

For one, it also requires a combination IT, HR, and legal security policies that are enforced, as well as employee education.

Employees need to know what the risks, how to avoid them and the consequences of not doing so, Kendall said.

Ignoring the threat

While 56 per cent of Australian organisations identified security as a continued concern, the report found that only 18 per cent of respondents are considering token-based authentication and 15 percent are looking at biometric-based authentication.

Even though 90 percent of local organisations are saying they have a security policy in place, Kendall says it is worrying that a third of employees are not aware of their companys security policies.

These people could unintentionally put sensitive data at risk by not taking the appropriate security precautions to protect the data on their mobile device, he said.

For Kendall, it appears that many organisations are under the impression they are protected by simply creating a security policy that covers mobile devices.

However, its of no use if employees dont know about or understand it, he said.

With six percent of Australian employees in the survey saying they ignore or work around security policies, Kendall says it is important that they understand "why the polices are in place and what the consequences are from not adhering to them."

Time to change

As for what needs to change in order for security measures at businesses to improve, Kendall says the problem can be traced to passwords.

Passwords have been traditionally used in IT to secure access to devices and applications within the workplace, so it makes sense that they have been the first step taken to secure mobile devices, he said.

However, Kendall says the risk of a data breach via compromised passwords is higher in a mobile environment.

Mobile devices can be easily lost or stolen, so it is surprising that organisations arent taking a more aggressive approach to securing the devices and the data on them, he said.

To protect sensitive assets, the recommendation is to adopt multifactor authentication, where the employee is identified not only by what they know (such as a PIN or password), but also by something they have (a token key) or who they are (a biometric such as a fingerprint or face scan).

In addition, organisations should look beyond the device at ways to secure the data itself, such as via encryption, so that even if the wrong people get access to the data, they cant read it, Kendall said.

He adds that a business needs to protect against both internal and external threats, no matter if it is accidental or intentional.


IDG UK Sites

Android One vs Android Silver vs Google Nexus: What is the difference?

IDG UK Sites

Apple updates MacBook Pro line-up: Price cuts & spec boosts for 6 MacBook Pro models

IDG UK Sites

Long live the internet fridge: the Internet of Things is coming

IDG UK Sites

How Prometheus' colourist Juan Ignacio Cabrera gave a tense, edgy feel to Chosen