Security professionals are willing to accept more security risks to enable BYOD deployment within the enterprise.
ATLANTA, Ga. (PRWEB) April 04, 2013
T.E.N., a technology and information security executive networking and relationship-marketing firm, launched ISE® Analytics, to provide security executives with peer insight on disruptive IT and security technologies and industry trends. Powered by Spire Security, an industry analyst firm providing analysis and research in the information security field, ISE® Analytics delivers insights gleaned from on-point surveys that evaluate the perspectives and intentions of a peer community of senior security executives and their organizations.
The inaugural ISE® Analytics survey focused on the Bring Your Own Device (BYOD) to work trend to evaluate the acceptance of BYOD and its associated risk within the organization.
“The BYOD survey results become interesting when you pull away the layers and focus on the outliers,” explains Pete Lindstrom, principal and vice president of research with Spire Security. “Twenty percent of respondents, for example, are more aggressively interested in BYOD than their organizations, even though it means higher risk. Conversely, 26% of security professionals are more conservative in their BYOD interests than their organizations. These findings suggest a need for security executives to determine how they can best balance their personal interests with those of the organization and align with the goals of the organization while protecting it from risk.”
Key findings in the T.E.N. BYOD report include:
- 61% of security professionals surveyed support BYOD completely (17%) or generally (44%) as compared to only 1% that were against BYOD. The remainder had “mixed emotions.”
- 74% of the respondent’s employers were introducing a BYOD program aggressively (22%) or slowly (52%) as compared to only 3% that had banned BYOD. 7% of organizations were reluctantly allowing some BYOD capability.
- In general, higher levels of support for BYOD were seen in organizations with increased network and data controls.
- Respondents believe BYOD will bring higher risk to their organization by an overwhelming margin, with 90% saying so as compared to 10% of respondents who were neutral.
- Security professionals are willing to accept higher risk in return for increased benefits to the organization. 23% of respondents with strong personal interests and 30% with strong organization interests also assessed the risk as higher.
- At 20%, penetration rates for more advanced virtual machine and sandboxing capabilities were higher than anticipated. This could be a forbearer of new technologies being used to match new architectures.
- On average, organizations are deploying three network controls and three data controls in support of roaming BYOD devices with organizational data and non-organization-owned devices accessing an internal network.
- Risk perception and interest levels do not always match up with the strength of the security posture. There appear to be a set of “risk-tolerant” respondents who deploy few controls in a higher risk arena as well as “risk-averse” respondents who deploy a complete set of controls.
To review more of the survey’s findings click here.
“The results of this survey are very interesting,” comments Craig Shumard, founder and principal of Shumard & Associates. “They clearly show that BYOD is rapidly being adopted by enterprises. Also, that the implementation of security controls, while being viewed as important and critical, appear to be lagging. Security professionals are willing to accept more security risks to enable BYOD deployment within the enterprise. This suggests that enterprises may be retrofitting controls in the future.”
“As businesses continue to leverage new technologies such as mobile and cloud to foster creativity, speed innovation, and facilitate collaboration, security has become increasingly important,” explains Marci McCarthy, CEO and president, T.E.N.. “Organizations need to know whether the new technologies are really being embraced, or just talked about. ISE® Analytics provides the answer. ISE® Analytics surveys a population of senior information security executives that represents the peers of the information security community and reveals the truth about what security executives are really thinking.”
McCarthy continues: “We believe that the conclusions presented in this report are the basis for a dialogue on the way in which security executives and their organizations are embracing the value of BYOD while addressing the associated risk. At T.E.N., we value knowing the intuition of the executives in the security industry and bringing them cutting-edge programs that not only draw on this insight, but empower them to be more effective in their roles. These findings will therefore be part of the underlying discussion themes in our ISE Program Series and as well custom events such as the ISE Private Dinners. We invite you to join the discussion by tweeting your comments to #ISEanalytics.”
T.E.N., a national technology and security executive networking organization, facilitates peer-to-peer relationships between top executives, industry visionaries and solutions providers. Nominated for numerous industry awards, T.E.N.’s executive leadership programs enable information exchange, collaboration and decision-making. Its flagship program, the nationally-acclaimed Information Security Executive® (ISE®) of the Year Program Series and Awards, is North America’s largest leadership recognition and networking program for security professionals. Other offerings include the T.E.N. Custom Programs and the ISE® Industry Expert Advisory Services, empowering IT solutions providers to gain access to highly credentialed IT business veterans’ expertise. For information, visit http://www.techexecnetworks.com and http://www.iseprograms.com.