Organizations are being challenged to manage the BYOD (bring your own device, which most reports refer to as “consumerization”) trend as more employees use powerful and affordable personal mobile devices. More than half of information technology leaders in the US believe that BYOD poses a greater risk to the enterprise than mobile devices supplied by the company, according to a new member survey by the Information Systems Audit and Control Association (ISACA). Yet 27 percent still believe that the benefits outweigh the risks.
On the plus side, BYOD allows organizations and employees to use technology at a limited cost. But as the old saying goes, “there’s no such thing as a free lunch.” Because most organizations aren’t effectively managing BYOD in relation to information access, the access is accompanied by vulnerability. To counter this, organizations need to create and implement a full-scale mobile device policy that corresponds to their risk profile.
Embracing the cloud
This year’s Barometer shows that the number of enterprises not using use cloud computing for any IT services has decreased by 5 points to 21 percent, and those that plan to use it for mission-critical IT services has increased 4 points to 14 percent.
Robert Stroud, CGEIT, international vice president of ISACA and service management, cloud computing and governance evangelist at CA Technologies, says the risk is unavoidable– stifling use of the cloud will stifle business.
Increase in information security and risk jobs
The data, collected in March 2011, shows that 40 percent of respondents expect information security staffing requirements to increase over the next year. Thirty-four percent expect their risk management staffing requirements to rise.
This year’s Barometer indicates that IT risk management is becoming more strategic. Its integration into enterprise risk management is up slightly over last year. Compliance (26 percent) and avoiding negative incidents (22 percent) are still primary drivers, but a close third now is aligning functionality with business needs (18 percent).
The study polled 2,765 IT leaders globally, including 712 respondents from the US. The full results are available here.