Identity and Authentication in a BYOD World

This post was originally published here by  Chantelle Patel.

The growing demand for mobility in the workplace is causing IT departments to rethink how they allow users to access corporate data. Bring your own device (BYOD) programs are becoming more popular in large enterprises because they offer increased savings and flexibility for employees working remotely. While there are many upsides to BYOD policies, organizations still face many risks when it comes to securing mobile data access. Bitglass’ research team surveyed 200 IT and security professionals at a national Gartner conference to learn more about the evolution of BYOD security in a mobile-first world.

BYOD and User-Generated Passwords

According to the study, 25% of organizations rely solely upon passwords to secure BYOD. Typically, enterprises want to avoid this method of securing access because employees tend to use a single, simple password rather than a number of complex passwords. The more unique the password, the less likely someone is to guess it.

However, organizations can’t rely solely upon passwords. Bitglass research found that 28% of firms have no multi-factor authentication (MFA) in place for BYOD access. Recent breaches, like the one involving Deloitte, have shown that single-factor methods of authentication are insufficient and extremely risky for enterprises.

Concerns with External Sharing Take the Lead

The focus of many organizations remains on securing BYO devices; but, their main priority should be securing the data on said devices. Security professionals reported that their top concerns are external sharingmalware protection, and unmanaged devices. This indicates that enterprises are doubling down on protecting data beyond the corporate network.

Some Are Not Convinced of Apple Face ID

With the release of Apple’s iPhone X just a day away, we wanted to learn about security professionals’ views on the phone’s security features. Interestingly, 61% of respondents have reservations about Apple’s Face ID technology, citing items like accurate face detection as top concerns. This begs the question: will enterprises allow Apple Face ID to secure mobile devices? Either way, organizations of all sizes must take a holistic approach to security and adopt solutions that protect data on any device. 

Photo:Dreamix

Ad

No posts to display