Bitglass Report Shows Enterprises Increasingly at Risk from Enabling BYOD

A new Bitglass report shows that despite the surge in enterprises enabling bring your own device (BYOD), many are unprepared for the associated risks.

Bitglass’ 2021 BYOD Security Report show the rapid adoption of unmanaged personal devices connecting to work-related resources. It also highlights how organizations are ill-equipped to deal with growing security threats such as malware and data theft.

The Bitglass report is a joint venture with Cybersecurity Insiders. It surveyed hundreds of cybersecurity professionals across industries to better understand how COVID-19’s resulting surge of remote work has affected security and privacy risks introduced by the use of personal mobile devices.

The insights in this report are especially relevant. That’s because more enterprises are shifting to permanent remote work or hybrid work models. That means connecting more devices to corporate networks and, as a result, expanding the attack surface.

Enterprises Left Vulnerable

Anurag Kahol is CTO and co-founder of Bitglass.

Bitglass’ Anurag Kahol

“Despite 82% of enterprises enabling BYOD to some capacity, many are still highly unprepared for the risks associated with unmanaged devices,” he said. “Fifty-one percent of the surveyed organizations don’t have any means of identifying vulnerabilities associated with malicious Wi-Fi on personal devices. Even more surprisingly, 49% are unsure or unable to detect whether malware has been downloaded in the last 12 months.”

Key findings from the Bitglass report:

Cybercriminals Targeting Remote Workers

“Without any security measures implemented to protect their remote workforce, organizations are vulnerable to data leakage or unauthorized access to corporate resources,” Kahol said. “Furthermore, criminals can easily take advantage of unsecured endpoints and conduct phishing attacks through email to infiltrate ransomware, which can result in data theft and disruption of business operations. This can lead to millions of dollars in damages and an irreparable brand reputation in the eyes of customers and consumers.”

It’s clear organizations lack full visibility and control across their multicloud enterprise network, he said.

“In fact, 45% are concerned with having no ability to control endpoint security,” Kahol said. “Enterprises must adopt flexible, robust security solutions that can offer a complete view of their resources without invading user privacy. Comprehensive cloud security platforms can help IT teams monitor for potential vulnerabilities and risks, while proactively preventing data leakage and unauthorized access by third parties — all from a single control point.”

The pandemic highlighted the inherent lack of cybersecurity among enterprises of all sizes, he said.

“Criminals are striking frequently, leveraging more sophisticated techniques to hack into corporate systems,” Kahol said. “Outdated security solutions, like firewalls, can no longer secure the hybrid workforce from emerging threats. As we embrace the new normal, companies that aren’t equipped with the appropriate security to safeguard their employee and enterprise data will continue to be susceptible to risks.”