IDC: Consumer IT in workplace creating security risks

IDC: Consumer IT in workplace creating security risks

Employers unaware of devices used, websites visited.

Smart phones, netbooks and social networking sites are invading the local workplace and causing policy headaches for employers according to the results of the latest IDC/Unisys survey.

The Consumerisation of IT research found that 96 percent of New Zealand employees use at least one privately purchased technology device in the course of their work. iPhones and PDAs are often purchased by the employee, whereas Blackberry smartphones are paid for by the employer.

About 44 percent of employers allow access to business applications via a smartphone.

IDC found that there was a disparity between employers and employees about personal activities allowed at work. Fifty three percent of employees responded that they were allowed to attach personal devices to the network, but only 45 percent of employers said they could. Fifty two percent of staff also said they were allowed to store personal data on the network but only 41 percent of employers said they could. Unisys NZ managing director Brett Hodgson says the danger is that if organisations are not aware of how technology and their IT infrastructure is being used, they may not have in place adequate security measures.

“This can put their corporate data and employees’ privacy at risk.”

The study found that 35 percent of employers expect to use Twitter to conduct business activities in 12 months from now, compared to 30 percent using Twitter currently, but they also expect a concurrent fall in internet browsing from 95 percent to 71 percent.

However, 34 percent of employers reported that they do not have social media guidelines for social media use in the workplace.

Hodgson says managing risks requires more than a technology offering for protection of endpoints and the network infrastructure.

“Employers also need to address the human behaviour side of the issue via employee education about the risks and enforced policies to prevent them. And any such policies need to cover employee-owned devices, online applications and social networking sites used for work activity. According to the Consumerisation of IT research, IT policy is typically set by the IT department, CIO or CEO. However, given the nature of the risk, HR and legal departments need to be involved too,” he says.

Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags IDCunisys

Show Comments