A whooping 73 percent of IT professionals believe sensitive company data may be compromised when employees access information from personal devices, according to a recent survey on IT industry trends by TEKsystems.

The IT consulting firm surveyed 3,500 tech professionals in the United States and Canada, including chief information officers, IT vice presidents, IT directors, IT hiring managers, developers, and network administrators and architects.

The survey also found that 35 percent of IT leaders and 25 percent of IT professionals are “not confident their organization’s ‘bring your own device’ policy is compliant with data and privacy protection acts, HIPAA, Dodd-Frank, or other government-mandated regulations.”

Of the IT professionals surveyed, 82 percent said they spend part of  their time during the workday on mobile phones, with 72 percent saying they use laptops and 54 percent  tablet devices. Those numbers will only increase with new technology, creating more headaches for businesses trying to catch up to today’s personal devices.

Vague company policies and lack of education also seems to be adding to the BYOD fears. The survey found only 35 percent of IT employees report their company’s policy is “well communicated and updated frequently.” The other 65 percent report either “nothing has been communicated,” “there are no official policy guidelines,” or “employees are not allowed to use their own devices at work.” And 71 percent of IT leaders and 64 percent of IT professionals report their organization does not have mandatory end-user training to educate employees and protect the company from the risks associated with BYOD.

In May, a study by the technology research firm Gartner found a growing number of companies expect to stop providing devices to employees by 2016.

BYOD Solutions

Is your association struggling to keep its grip on the BYOD trend? There are options you can consider, including these tips from TEKsystems:

• Establish a clear BYOD policy.
• Implement device-tracking and compliance-monitoring programs to protect sensitive company data.
• Determine responsibility for and breadth of device support.
• Determine when and how users can access the network.
• Implement ongoing education programs.

(iStockphoto/Thinkstock)