- BYOD is now widespread, with security teams struggling to manage, report claims
- Edge devices remain exposed as research shows 40% are unmanaged across firms
- Zero trust adoption lags as employees continue using personal devices despite company policies
Bring your own device (BYOD) is becoming the rule rather than the exception in workplaces, new research[1] from Ivanti has claimed.
The company found personal phones, laptops and hotspots are increasingly being used for work tasks, often outside the control of IT departments.
The study found nearly half (44%) of workers had used their personal phone for work, while 37% had used it as a hotspot and 32% had used their own computer.
BYOD regardless of policy
Three out of four IT workers said bring your own device was a regular occurrence, despite the fact that only 52% of organizations officially allow it.
Where policies forbid it, 78% of employees do it regardless.
This lack of oversight has left companies potentially vulnerable. Microsoft[2] data shows that more than 90% of ransomware[3] incidents begin with an unmanaged device.
Ivanti’s research agrees with this, with 38% of IT professionals admitting they do not have sufficient data about devices on their networks.
Edge devices, from smart cameras to remote sensors, further add to the exposure.
According to the report, around 40% of such devices remain unmanaged.
“To secure corporate networks against edge device vulnerabilities, organizations must keep edge devices upgraded to the latest release and push security validation to the user endpoint,” said Mike Riemer, SVP, Network Security Group and Field CISO at Ivanti.
Zero trust models are also falling behind adoption expectations.
79% of IT professionals say access controls are more important when staff work remotely, but only 34% of companies use zero trust network access and just 30% use privileged access management.
Daniel Spicer, CSO at Ivanti, said, “IT and security leaders should focus on taking inventory of all IT assets and bringing them under management. This means ensuring you can discover all existing devices, enforcing a clear BYOD policy and making sure that BYOD policy includes the ability to manage a device that wasn’t procured by the company itself.”
The report concludes that traditional perimeters are no longer effective and that companies need to extend management to all devices, wherever they are, and make use of identity-based access controls.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button![4][5]
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.[6][7]
You might also like
References
- ^ new research (www.ivanti.com)
- ^ Microsoft (www.techradar.com)
- ^ ransomware (www.techradar.com)
- ^ Follow TechRadar on Google News (news.google.com)
- ^ add us as a preferred source (www.google.com)
- ^ follow TechRadar on TikTok (www.tiktok.com)
- ^ WhatsApp (whatsapp.com)