ISACA’s fourth Indian annual survey on ‘Shopping on the job - online holiday shopping and BYOD security’ might paint a very bleak picture, when it comes to securing personal devices in the workplace.
The ISACA survey finds that 63% of enterprise security incidents can be directly linked to employees’ use of IT assets —35% of incidents from use of personal devices for work activities, and 28% from the use of work devices for personal activities. BYOD culture’s biggest security risk is perceived to be lost productivity and compromised networks.
BYOD security seems to be gaining prominence with enterprises, given that the trend is on an upswing. Close to 70% of respondents said that their enterprises provide security awareness training. Of these, 51% of respondents clarified that their organizations went the extra mile by educating employees about the risks of online shopping and social networking. Nearly 60% of the respondents pointed out that their organizations prohibit access to social networking websites, with 57% monitoring employee Internet usage.
Despite the fact that several respondents’ organizations block access to retail websites (47%), online holiday shopping during work hours is expected to increase in 2011 (48%). Over 72% say that employees are expected to spend between one to two hours shopping online using their work supplied machines (41%) or their personal devices/smartphones (35%).
Apart from BYOD security, the top three high risk activities identified by respondents were: losing a work-supplied device (91%), clicking on marketing emails to access online shopping sites on work computers (70%), and use of working devices to access p2p file sharing networks (68%). According to survey, 41% of respondents opine that their organizations do not provide guidance regarding the use of geo-location services on smartphones and other devices
In all, close to 4740 ISACA members participated in the survey from 84 countries. The Indian edition saw 298 members participating (with 32% of respondents from BFSI and 44% from technology services/consulting being the two largest respondent groups). Close to 50% of respondents hold a managerial position in their organizations. The complete survey is available here.
Please send your feedback to vharan at techtarget dot com. You can follow our Twitter feed at @SearchSecIN