Corporate attitudes toward bring-your-own-device (BYOD) policies appear to fall into one of three categories, according to a survey of IT users released this week: There's no official BYOD policy, devices are banned, or no one talks about it.
The survey, conducted by IT services company TEKsystems, included responses from 1,500 IT leaders and 2,000 IT professionals form companies of all sizes.
According to TEKsystems, the survey showed that while the BYOD movement is in full swing, immature policies are putting sensitive organization and employee data at risk. "Findings also highlight the fact that BYOD's value for many organizations is, at this time, mediocre at best," the study concluded.
According to the survey, 65% of respondents said "nothing has been communicated," "there are no official policy guidelines," or "employees are not allowed to use their own devices at work."
Respondents said corporate policies are often vague. Only only half of IT leaders (48%), and just a third of IT professionals (35%), believe their company's BYOD policy is crystal clear.
TEKsystems also said the survey revealed that while BYOD is often heralded as a way to boost productivity, improve customer service or save money, respondents said the main return from a good BYOD policy is employee satisfaction.
IT leaders and IT professionals say their organizations are not effective in achieving BYOD's promise of higher customer satisfaction (60% and 56%, respectively) and lower IT expenses (62% and 58%, respectively).
Seventy-three percent of IT leaders and IT professionals surveyed also said poor BYOD policies put sensitive corporate data at risk by potentially exposing it on personal mobile devices.
Thirty-three percent of IT leaders and 46% of IT pros said their organizations lack the ability to remotely wipe data from employee devices if necessary.
More than a third (35%) of IT leaders and a quarter of IT professionals also doubt their organizations are complying with government mandates.
"Given the threat of a data leak, any employee who does not understand an organization's stance on BYOD poses a risk," TEKsystems said. "Failure to clarify the company's policy and educate end users on security best practices creates false and dangerous assumptions."
Lucas Mearian covers storage, disaster recovery and business continuity, financial services infrastructure and health care IT for Computerworld. Follow Lucas on Twitter at @lucasmearian or subscribe to Lucas's RSS feed. His e-mail address is firstname.lastname@example.org.
Read more about bring your own device (byod) in Computerworld's Bring Your Own Device (BYOD) Topic Center.