Mobile device management (MDM) remains the top tool for monitoring and managing mobile devices. That's according to a new study from Vectra Networks and LinkedIn's Information Security Community

The study found that 43 percent of respondents' organizations relied on MDM to secure data on mobile devices. That was followed by endpoint security tools (39 percent) and network access controls (38 percent).

The study also found 60 percent of respondents said they believed malware protection is a requirement for mobile security.

"BYOD and mobility create a significant security risk that we have observed in production networks," Vectra Networks Vice President of Marketing Mike Banic said in a prepared statement.

Information Security Community founder Holger Schulze also pointed out the loss of company or customer data and unauthorized access to company data and systems were respondents' biggest security concerns.

At least 1,100 IT professionals participated in the study, and other findings included:

  • 86 percent of study respondents said accessing email, calendar and contacts were the most popular uses for BYOD devices.
  • 79 percent of respondents said they have not fully implemented BYOD policies, processes and infrastructure, and 24 percent of respondents' organizations did not have a mobile device policy.
  • When asked about sensitive information and intellectual property being accessed as a result of BYOD policies, respondents were most concerned with protecting business data (74 percent), customer/employee data (69 percent) and documents (66 percent).
  • Researchers found the most common risk control measures for mobile devices were password protection (67 percent), followed by remote wiping of data (52 percent) and encryption (43 percent).

Malware threats frequently are brought into organizations on unmanaged, privately owned devices as well, according to the study.

Are Millenials to blame?

There are several reasons why organizations may be reluctant to implement BYOD policies.

Application platform provider TrackVia reported nearly 70 percent of Millennials recently admitted to using apps not approved by corporate IT policies for work-related tasks.

TrackVia noted 69 percent of Millennials claimed they never collaborate with IT to select new business apps too.

But don't forget about the hidden costs of BYOD.

Convergent Technologies President Kate Jaffe told SmartCEO the average corporate-owned "smart" device costs $123.16 per month, or nearly $1,500 per employee annually.

How to implement BYOD effectively

Finding the best way to deploy a BYOD policy is crucial, yet it often differs from organization to organization.

Banic told MSPmentor he believes there are four steps to create and implement an effective BYOD policy:

  1. Define a BYOD policy.
  2. Adopt the security architecture for BYOD.
  3. Implement the policy.
  4. Evaluate the implementation of BYOD and new security measures.

Schulze added BYOD policies can deliver a return on investment (ROI), but organizations must monitor BYOD and mobile security closely.

"IT resources required to manage security incidents are one of the biggest challenges companies face when implementing BYOD," he told MSPmentor. "Combine this added expense with new security risks introduced by private devices and you get to a point where there needs to be a clear, demonstrable ROI for BYOD initiatives to move forward. New BYOD security solutions can help to lower that risk and associated IT support cost."

Share your thoughts about this story in the Comments section below, via Twitter @dkobialka or email me at dan.kobialka@penton.com.