One-quarter of businesses ‘rely solely on passwords to secure BYOD access’

One-quarter of businesses 'rely solely on passwords to secure BYOD access' [Image credit: shutteratakan via iStock]

A significant number of businesses may not be employing a robust range of security solutions when managing their bring-your-own-device (BYOD) policies.

Data protection company Bitglass has published the findings of its new BYOD and Identity research report, revealing that many of the companies that are allowing staff to use their own devices at work may inadvertently be leaving their systems exposed to the threat of compromised credentials, which could result in a damaging data breach.

The report indicated that one in four organisations are not using any form of multi-factor authentication when securing BYOD, meaning they are relying solely on user-generated passwords – a pattern that is consistent with well-known enterprise security gaps.

Compromised passwords and the use of single-factor authentication have both been shown to have resulted in several high-profile data breaches in recent months, leading to significant costs and reputational damage for the companies affected.

Despite this, businesses retain concerns about other forms of security, with 60 per cent of respondents having reservations about Apple's Face ID technology. Accuracy of face detection was cited by 40 per cent of respondents, with 30 per cent worrying about its ability to prevent unauthorised access and 24 per cent harbouring concerns about the speed of face detection.

Rich Campagna, chief executive officer of Bitglass, said: "Enterprises often misjudge the effectiveness of traditional security solutions, many of which are readily bypassed. The BYOD boom exposes organisations to risks that can only be mitigated with next-gen, data-centric solutions that secure access."

The report also showed that 45 per cent of professionals regard external sharing as their leading security concern, with 40 per cent most worried about malware protection and a similar proportion expressing fears about unmanaged device access. This shows that businesses are awake to the need to protect data beyond their corporate network.