Freely subscribe to our NEWSLETTER

The research explores the attitudes of IT decision makers towards security within their organisations. It shows that uptake of BYOD (Bring Your Own Device) and COPE (Corporately Owned Personally-Enabled) devices is very high, with 91 per cent of French organisations allowing employees to use these devices for work purposes.

However, just over a fifth (21 per cent) of French organisations actively had a BYOD policy. In this environment, device security is falling by the wayside: only 19 per cent of respondents felt that their company had sufficient resources in place to prevent a mobile security breach. Surprisingly, over two fifths (44 per cent) do not have password protection, however 37 per cent of respondents say that their organisation does not have IT security training for all.

The report highlights that while around a quarter (24%) of personal or corporate owned mobile devices have full access to the internal networks or contain sensitive client information, 40 per cent of organisations do not have any kind of enforceable mobile security policy.

For those that do, the average length of time between reviewing mobile security measures in France is over a year - 13 months. The infrequency of this is cause for concern, as many IT decision makers believe that the rate of malware infections will be on the rise in the next three to five years. Security breaches, such as lost or stolen devices, malware infections such as viruses, spyware, and Trojan Horses, or the loss or theft of company or customer data, have had a major impact on business processes, including taking up valuable help desk time and other IT resources. They have reduced employee productivity, day to day activity and even customer experience, as well as causing reputational damage. Some have even resulted in hefty fines.

Mark Hughes, president of BT Security, said: “Today’s threat landscape shifts very quickly so it is important for organisations to start with security in mind, rather than add it as an afterthought. This will ensure that security processes develop with them, and not after them. This makes the task of being security-led much more straightforward.”

Staff attitudes remain the biggest threat to data security. The report reveals that 87 per cent are not taking the security of devices seriously. However, delving further into this, it becomes clear that this attitude trickles down from the boardroom: Eighty-three per cent of French IT decision makers do not believe their CEO takes security very seriously. This is concerning, as security programmes need to have complete top down buy-in in order to be successful, with everyone from the CEO right throughout the organisation taking part.

Mark Hughes, continued, “If CEOs are passionate about making security practices work, then they will inevitably become an intrinsic part of people’s lives. Problems usually arise when people don’t understand the risks and the impact that neglecting security could cause for the business, as well as for them personally. A security breach could cause a share price drop and reputational brand damage. This means that security is everyone’s job.

“At BT, we are working with many leading global organisations to help educate them about security risks and put in place proactive defences. When people understand the repercussions of not adhering to security practices, and are given the tools to prevent them, organisations will truly be able to reap the many benefits of mobility and BYOD.”