BYOD ignorant managers putting IT security at risk

“Ignorant” senior managers are putting their organisations at risk when it comes to the Bring Your Own Device (BYOD) culture.

That’s the latest from information security company ECSC, which has described the moves into this “backward trend” as a “major set-back for information security”.

The company cited a recent study by ISACA members, which found 23 percent of UK businesses are already allowing employees to follow the trend of using their own devices. It claimed the iPad had played a big role in this culture as well as fingering  device manufactures who were “all for” the new way of working.

It said this was because it gave them a  convenient entry into the business market with what was only ever designed as a consumer product. Their concern is sales, not ensuring that security is maintained, it claimed.

Ian Mann, founder of ECSC, said  information security professionals all recognised the risks as devices outside of organisational control were a source of vulnerabilities.

He added these devices were “a route” for hackers to obtain confidential information, and this area is likely to be the next big cause of security breaches.

However, instead of banning these devices completely the company wants organisations to step back and “assess the risks”.

It said that senior managers should look at what access employees had to company data through their personal devices, as well as understanding the risks and developing controls to exploit new opportunities without compromising information security.

Mann added that more communication between senior IT managers and high level staff who want to access information on their own devices, is key to keeping data safe.