According to ISACA’s 2012 IT Risk/Reward Barometer: North America, 72 percent of organizations in the US allow (in one way or another) bring your own device (BYOD) in the work environment. This new computing practice exposes businesses to unique risk that can threaten corporate security and reverse the productivity gains that were originally intended. Due to their portable nature and integration with public cloud applications, personal mobile devices greatly increase the risk of data theft or leakage. In fact, a study by Decisive Analytics revealed that nearly half of the enterprises that allow BYOD to connect to their network have experienced a data breach.
Security experts believe the next wave of enterprise hacking will be carried out via mobile attack vectors. As organizations improve defenses against direct network attacks, hackers will move to a path of least resistance and exploit mobile applications to gain backdoor access to enterprise networks through BYOD. In this context, it becomes essential to manage mobile application and device risk, and control their access to trusted networks. So, what are the steps an organization can take to realize the productivity gains and cost-savings associated with BYOD, while proactively managing and mitigating the security risk associated with this practice?