BT Assure: security - rethink the risk

April 2012BT AssureRethink the RiskSummaryInvolving more than 2,000 interviews across 11 countries the BT ‘Rethink theRisk’ research contrasts the views and expectations of employees with theplans and priorities of IT decision-makers in enterprises across public and keycommercial sectors.It highlights the new opportunities and security risks posed by the growingpresence of personal devices on corporate networks, the large scaledeployment of cloud solutions and increasing amounts of unstructureddata generated by contemporary commerce – all challenges addressed byinnovations within the BT Assure security portfolio. Crucially, the BT ‘Rethinkthe Risk’ research reveals that risks to enterprises are moving too fast forreactive security systems.The risk landscape is changing, fast... networks, 62 per cent highlighted new technology to improve the monitoring and identification of threats and 50 per cent• merging threats already rank alongside established cyber- E highlighted improved skills among staff to assess and manage security challenges – Employees leaking data, Bring your own cyber-security risks. device (BYOD) and a mobile workforce are in the same threat league as cyber-security. • hen asked to select the three most important factors WNumber of respondents rating each of these threat areas as “‘challenging” or “very challenging’ when considering cyber-security solutions 61 per cent cited(BASE: IT respondents) effectiveness of monitoring and speed of response, 52 per cent cited strength of resilience against attacks and 42 per cent cited the ability to flex and fine-tune solutions to requirements. BYOD is presenting new, unprecedented challenges • he BYOD genie is out of the bottle – 60 per cent of employees T say their employers permit them to connect personally-owned devices to the corporate network to use them for work. This drops to 37 per cent in the UK but increases to 80 per cent in India and 92 per cent in China, who have had the opportunity to develop new infrastructure from scratch so are more able to adopt modern policies and technologies.• lmost three-quarters of IT managers describe cyber-security A as “a major concern” while 84 per cent of those using cloud • 6 per cent of employees who currently can’t, would like to be 4 services are “anxious” or “very anxious” about the security able to use their personal devices for work. implications, acknowledging that keeping up is an endless task. • hile company sanctioned BYOD adoption is generally high, use W• nterprise IT departments recognise that their approach to E stated by employees is higher than level IT managers acknowledge. cyber-security needs an upgrade and tighter controls and new • rganisations in China (53 per cent), Brazil (51 per cent) and O technology are seen as key weapons. the USA (50 per cent) are most likely to have formal BYOD• hen asked to select the three most important ways to help W policies in place, but there is still significant acknowledged strengthen their approach towards cyber-security 66 per cent penetration in countries least likely to already have a policy – highlighted tighter controls over IT equipment, processes and Italy (25 per cent), UK (31 per cent) and Germany (34 per cent).

April 2012BT AssureRethink the RiskSummary• ll typical business personal computing applications are being A • T decision-makers need to tackle an extensive range of issues I executed on personal devices. before they feel able to introduce a BYOD policy, including security, complexity of set-up, potential threats to IP and• he benefits of enhanced mobility and consumerisation T increased costs associated with data usage. are widely recognised – 58 per cent of IT decision-makers think mobility and consumerisation can deliver increased Please select the three most important ways to help strengthen your approach towards cyber-security (BASE: IT respondents) productivity and efficiency.• 4 per cent believe companies already allowing employees 8 to use their personal devices for work enjoy a competitive advantage – this increases to 98 per cent of IT decision- makers in China and 94 per cent in India.• he challenge of maintaining an effective BYOD policy is clear T – 71 per cent of enterprises surveyed will have a BYOD policy implemented by March 2013. Yet only just over a quarter of IT respondents report that managing their BYOD policy is easy, or that they expect it to be easy.Do new rights come with new responsibilities? Please select the three most important factors when considering cyber-security solutions• or employees, consumerisation is mostly about benefits – 42 F (BASE: IT respondents) per cent of employees using their own device for work believe that they are more efficient and productive as a result but 1 in 3 employees see “no risk” in using their own device in a work context and only 1 in 10 IT heads think all BYOD users recognise the risks.• mployees resist management of their usage – 40 per cent E of employees say that “The IT department imposes rules and regulations that restrict the most innovative use of new technologies” and almost half dislike the idea of having additional security features installed. • heir greatest concerns when it comes to creating or having T created BYOD policies are employees being able to leave with• mployees and IT departments are clashing over the E data or knowledge that threatens IP and a lack of control imposed restrictions and conditions of BYOD – a maximum over devices. of 1 in 4 employees find any BYOD policy conditions set by management “reasonable”. • YOD’s accompanying realignment of security infrastructure B has had significant impacts on enterprise IT delivery – whenIT decision-makers have a tough balance to strike asked what effect providing the security infrastructure to• ust 11 per cent of IT Managers believe all employees recognise J support a BYOD policy has had 70 per cent of IT decision the risk to company security that using a personal device in makers claimed that it has increased complexity, 60 per cent a work context can represent. Only 19 per cent believe all claimed that it had increased cost and 54 per cent claimed it users understand their access/permissions related to their had changed how they prioritise resource allocation. mobile devices. 28 per cent agree that putting 24/7 access Global perspectives on BYOD to corporate systems into the hands of an increasingly mobile workforce is now the main threat to corporate IT security. • f IT managers within organisations with BYOD policies, O providing the security infrastructure to support a BYOD policy• T managers are nervous and with justification – nearly 4 in 10 I has had the most impact on organisations in the USA (with enterprise organisations surveyed have a history of BYOD- every aspect scoring between 62 per cent and 89 per cent) related breaches in security. and least in Benelux (where scores range between 19 per cent and 50 per cent).

April 2012 BT Assure Rethink the Risk Summary• 5 per cent of IT managers say the cost of BYOD is unclear – 1 BYOD is heralding a “new model of IT” this more than doubles in the UK and Benelux to 38 per cent. • ld barriers are rapidly disappearing, and the certainties of O In Spain and Brazil more than half report a net saving (52 per past security paradigms is going with them. cent and 53 per cent respectively) compared to an average of 36 per cent. • ver half of IT decision-makers (57 per cent) believe the rise O of BYOD heralds the move to a new model of IT where barriers• hilst 31 per cent of the total number surveyed report a net W between the individual and workplace dissolve and everything cost, in China and India this reaches 53 per cent and 50 per is linked together by the corporate network. cent respectively – so while they may appear to be top of the game, it is costing them. Sector perspectives• n average 47 per cent think BYOD may threaten auditing O • per cent of IT managers in the government sector think 37 and compliance obligations – this reaches 60 per cent in the that cyber-security is “a major concern” compared to 49 UK and 65 per cent in India. per cent in the financial services sector and just 26 per• 3 per cent (almost double the average of 39 per cent) of 7 cent in logistics. IT decision-makers in India admit they have had a security • per cent of respondents in financial services and 27 breach due to an unauthorised device. This is also high in government agree that giving 24/7 access to corporate Singapore (58 per cent) and Brazil (49 per cent). systems to an increasingly mobile workforce is the main• here are currently differing levels of vigilance when it comes to T threat to corporate IT security compared to 35 per cent the security risk presented by BYOD. Only 43 per cent are actively in pharma. monitoring for people using their own device on the network. • per cent of those in government say it’s difficult to 32Can you tell if someone is using an unauthorised device on the system?(BASE: IT respondents with a BYOD policy) develop BYOD policies, compared to 26 per cent in the financial services sector and just 23 per cent in logistics. • per cent in pharma and 71 per cent in financial services 78 think that BYOD has increased complexity of the security infrastructure compared to 67 per cent in government. • per cent of employees in the non-government public 48 sector see no risk in using their personal devices for work – compared to just 17 per cent in government and 32 per cent overall. • per cent of employees in the FMCG sector say they are 73 allowed to use personal devices compared to just 46 per cent in government (average 60 per cent). • Overall a third of respondents (33 per cent) can tell immediately if an authorised user misuses their device – this rises to 38 per cent in financial services and pharma, compared to just 27 per cent in government. • per cent of respondents in pharma and FMCG sector 45• T decision-makers in China have the greatest vigilance I have a history of BYOD-related breaches in security on their corporate network. 79 per cent say they can tell compared to 38 per cent in government and 33 per cent in immediately if an unauthorised device is connected to their financial services. network and 71 per cent can tell if an authorised user misuses. To learn more about this research and find out how BT is helping organisations overcome the security challenges they face, visit www.bt.com/btassure/securitythatmatters.

http://letstalk.globalservices.bt.com	509
http://www.blog.bt.com	210
http://dev.letstalk.globalservices.bt.com	8

BT Assure: security - rethink the risk

by BT Let's Talk

Accessibility

Categories

Upload Details

Usage Rights

3 Embeds 727

Statistics

BT Assure: security - rethink the risk Document Transcript