Whatever their security concerns about critical data, some companies do not enforce stringent bring-your-own-data (BYOD) policies for using personal devices to access corporate data. That’s according to [download page] The Economist Intelligence Unit (EIU) in a recent report sponsored by Cisco, which found 1 in 5 senior executives from around the world saying their companies place no restrictions on their access to whatever data is available. The other companies employ a mix of policies to limit data breaches, the most common being to require sign-off on an acceptable use policy (32%). Some 31% of executives report that their organizations require defined security software on personal devices, and 25% of organizations specify approved devices, or, require a secure virtual environment on personal devices. As “Secure Data Access in a Mobile Universe” describes, 21% of respondents report that their companies require IT management on personal devices (e.g., remotely wiping a lost or stolen device), 18% restrict mobile data access to specific apps, and 14% monitor applications on devices.
According to an October report from the National Cyber Security Alliance (NCSA) and McAfee, only 4 in 10 US employees said that when using their personal device on a work network, their companies had formal bring-your-own-device (BYOD) policies, training or security requirements to follow. 44% reported that their companies have no such policies or requirements, and 14% were unsure.
Mobile Access Presents Challenges
While 42% of the EIU respondents agree that the C-suite needs secure, timely access to strategic planning data to be productive, just 28% believe it appropriate to make this data accessible on mobile devices. Just under half of respondents believe the complexity of securing multiple data sources, plus the lack of knowledge about mobile-access security and risk, challenge their companies.
Larger Companies Allow More Mobile Access
More than 9 in 10 companies with revenues over $1B permit access to data via personal or company-owned devices. Of those organizations with revenues over $5B, more than half allow access only on company-owned devices, while a third permit access on personal devices.
Smaller companies are a bit more cautious overall, but less so about personal devices. While 37% of companies with revenues under $500M permit access only on company-owned devices, 47% permit access on personal devices too.
Social Networking Generally Restricted
56% of respondents report having policies to cover acceptable use of social networks via mobile devices, although one-third say they are restricted from discussing their work on social networks and on corporate devices, but are permitted personal use. Another 26% report that only authorized persons are permitted to access social networks on corporate devices. 19% of executive respondents have unlimited access to social networks, and 18% report no access at all on corporate devices.
Email, Financial Info Most Critical To Productivity
Asked which information is necessary to be delivered in a secure and timely fashion to be most productive, C-level executives named email first (74%), followed by financial information (60%). Strategic planning information was third at 42%, followed by competitive intelligence (35%) and operational data (24%).
But when you put that information in the cloud, C-level executives grow cautious. Nearly three quarters of C-level executives believe email is crucial to their productivity, but 6 in 10 surveyed think that it is appropriate to make email accessible on mobile devices from cloud-based storage. Just 27% believe the same about financial information.
About The Data: The survey questioned 578 senior executives worldwide. The respondents were based primarily in North America (29%), Western Europe (25%) and the Asia-Pacific region (27%), with the rest from the Middle East and Africa, Latin America and Eastern Europe. Of the total number of respondents, 23% were from the US, 10% from India, 7% from Canada and 6% from the UK. In terms of seniority, 27% were at the CEO level, 17% at the senior vice president level and 15% at the manager level. With respect to organization size, 55% were from companies with revenue of US $500M or more annually, with 22% of those with revenue of US$10B or more. Respondents represented a wide variety of industries, in particular IT and technology (13%), financial services (11%), professional services (11%) and energy and natural resources (9%). Functionally, respondents identified their primary roles as general management, business development, finance and sales and marketing.
