Survey findings. Executive Summary. Subject: BYOD

Similar documents
NAVIGATE THE UNCHARTERED WATERS OF BYOD WITH A SECURE POLICY

SURVEY FINDINGS. Executive Summary. Introduction Budgets and Spending Salaries and Skills Areas of Impact Workforce Expectations

Survey Findings DEEP DIVE

IT Workforce snapshot

IT Workforce snapshot

Whitepaper. How to Implement a Strong BYOD Policy. BYOD on the Rise - But with Challenges

IT Workforce. Your onboarding program has the potential to increase retention, productivity and revenue

Working With government Agencies calls for Well-DevelopeD it

BRAVE NEW WORLD: OVERCOMING NEW HEALTHCARE CHALLENGES WITH TOP IT TALENT

Facilitating a Windows 7 Upgrade and Application Packaging for a Major U.S. Bank

THE CLOUD: PROGRESS AND POTENTIAL

Building a Comprehensive Mobile Security Strategy

Dell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations

QUICK FACTS. Consolidating Service Desks Post-Merger for a Leading U.S. Energy Supplier TEKSYSTEMS GLOBAL SERVICES CUSTOMER SUCCESS STORIES

QUICK FACTS. Transitioning On-Site Support to an Off-Shore Model on Behalf of an Insurance Provider

Survey Methodology. State of the Job Market Impact of Social Media Mobile Usage SURVEY FINDINGS. New Trends in IT Job Search.

of firms with remote users say Web-borne attacks impacted company financials.

Establishing a Mature Identity and Access Management Program for a Financial Services Provider

CHOOSING THE MOST EFFECTIVE APPROACH TO VENDOR CONSOLIDATION

Technology. Accenture Infrastructure Outsourcing Services

BYOD Strategy - Advantages and Disadvantages

Top Ten Technology Risks Facing Colleges and Universities

Survey findings. Executive Summary. Big Data...The Next Frontier

fmswhitepaper Why community-based financial institutions should practice enterprise risk management.

QUICK FACTS. Guiding the Identity and Access Management Strategy for Yale New Haven Health System TEKSYSTEMS GLOBAL SERVICES CUSTOMER SUCCESS STORIES

PRACTICAL BUSINESS INTELLIGENCE STRATEGIES:

Designing a Customized E-learning Solution for a Worldwide IT Company

Developing a Policy for Bring Your Own Device. Report to the Joint Legislative Oversight Committee on Information Technology

The Convergence of IT Operations

How To Improve Service Transition

Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services.

Designing and Implementing IT Infrastructure Standardization for a Large Energy Company

Enterprise Mobility Management 101

Survey findings. Executive Summary. Subject: Onboarding

INSIGHTS CUPP COMPUTING MOBILE SECURITY MULTINATIONAL DECISIONMAKERS STUDY 2015

Securing Health Data in a BYOD World

Everything You Need to Know About Effective Mobile Device Management. mastering the mobile workplace

2016 Firewall Management Trends Report

Organizations See PCI as a Benefit, Not a Burden

EasiShare Whitepaper - Empowering Your Mobile Workforce

IT Workforce. Create a winning team by leveraging a performance management system. Guide your employees to achieve success as a high-performing team

BUYER S GUIDE. The Unified Communications Buyer s Guide: Four Steps to Prepare for the Modern, Mobile Workforce

The Call to Off-shore

Benefits Administration: Should You Outsource or Manage In-House? As companies consider options, Health Care Reform may impact decisions

BYOD report. Comms-care commissioned survey highlighting the change in Bring Your Own Device (BYOD) issues over the past twelve months

QUICK FACTS. Managing a Service Operations Team for a Leading Software Developer. TEKsystems Global Services Customer Success Stories.

WHITE PAPER. 10 Things Every Law Firm Should Know About Improving IT Performance: A Practice Director s Guide

White Paper THE FIVE STEPS TO MANAGING THIRD-PARTY RISK. By James Christiansen, VP, Information Risk Management

Managing the Growing Appification of Business

Enterprise on the Go. How enterprises can leverage mobile apps

BYOD: Bring Your Own Policy. Bring Your Own Device (BYOD) is already making a significant impact on the way the private sector works.

Mobile Security Challenge Emerges Smart IT Leaders Evaluating Pervasive Security Options

Small Business. Optimism Report

QUICK FACTS. Catholic Health Initiatives Collaborates with TEKsystems to Update its Aging Fleet of IT Equipment to Achieve Meaningful Use

Peer Research Report Insights on the Current State of BYOD

Riding technology waves

Enterprise Mobility & BYOD: Four Biggest Challenges And How to Solve Them WHITE PAPER

Governance Takes A Central Role As Enterprises Shift To Mobile

Configuration to the cloud Cloud configurator: Safe to Fly?

W H I T E P A P E R E m b r a c i n g C o n s u m e r i z a t i o n w i t h C o n f i d e n c e

QUICK FACTS. Delivering Superior IT Support Services for a Video Game Maker TEKSYSTEMS GLOBAL SERVICES CUSTOMER SUCCESS STORIES

High Value Audits: An Update on Information Technology Auditing. Robert B. Hirth Jr., Managing Director

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

How To Find Out What People Think About Hipaa Compliance

How Technology Executives are Managing the Shift to BYOD

CREATING AN EFFECTIVE SUPPORT PLAN FOR BYOD: A BEST PRACTICE GUIDE

Is Your BYOD Plan Exposing You to Risk?

YOUR TRUSTED PARTNER IN A DIGITAL AGE. A guide to Hiscox Cyber and Data Insurance

Mobility, Security Concerns, and Avoidance

The Real Cost of a Bad Hire

QUICK FACTS. Replicating Canada-based Database Support at a New Facility in the U.S. TEKSYSTEMS GLOBAL SERVICES CUSTOMER SUCCESS STORIES

QUICK FACTS. Facilitating Application Packaging on Behalf of a Global Professional Services Company

BOYD- Empowering Users, Not Weakening Security

Building the business case for continuity and resiliency

The Challenge of Securing and Managing Data While Meeting Compliance

5 Traits of Companies Successfully Preventing Fraud and How to Apply Them in Your Business. An IDology, Inc. Whitepaper

Deep Dive BYOD, COPE & MDM

The Expanding Role Of Mobility In The Workplace

Mobile Device Management for CFAES

Is It Time To Refresh Your Wireless Infrastructure?

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR

IT WORKFORCE PERSPECTIVES

Mobile Device Inventory the first step in enterprise mobile management

Avoiding BYOD Legal Issues. Route1 Inc. September 2013

W H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s

Managing a 24x7x365 Support Center and Network Engineering for a Government Agency QUICK FACTS

BYOD - A Model For Modern Business

6 Ways Social Collaboration Can Boost Employee Engagement

Whitepaper. How MSPs are Increasing Revenues by Solving BYOD Issues. nfrascaletm. Infrascale Phone: Web:

BYOD in Law Firms. Role: Decision Maker Segment: Mid-Tier or Mid-Market Orientation: Educational Region: APAC

QUICK FACTS. Providing an Infrastructure Managed Services Solution for a Telecommunications Provider

Address key business priorities with a strategic approach to outsourcing

HIPAA compliance audit: Lessons learned apply to dental practices

State of Mobility Survey. France Results

Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services.

Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions

Aftermath of a Data Breach Study

BYOD BEST PRACTICES GUIDE

Transcription:

2013 Survey findings Executive Summary Subject: TEKsystems IT Industry Survey series explores the hottest trends affecting the IT workforce. With over 80,000 IT professionals deployed at 6,000 client sites annually, our network of connections offer real-world insights into what works, what doesn t and what s possible in IT today.

TEKsystems IT Industry Trends Survey Regardless of industry, company size or the market, all organizations will face the Bring Your Own Device () trend sooner rather than later. cannot be addressed by a simple policy that allows employees to bring their personal device to work; the situation is much more complex and offers a number of challenges that can be difficult to navigate. This research explores the landscape, identifies the prevalence of key challenges and offers recommendations that can set your organization up for success. Survey methodology and respondent profile In June of 2013 TEKsystems conducted an online survey of more than 1,500 IT leaders and more than 2,000 IT professionals in the U.S. and Canada. The IT leaders included CIOs, IT vice presidents, IT directors and IT hiring managers. The IT decision makers spanned a wide cross-section of industries, including technology, financial services, healthcare, manufacturing, government and professional services, among others. Respondents also included a wide range of company sizes, from less than $5 million to more than $1 billion in revenue. The IT professionals respondent population included developers, network administrators, architects and help desk skill sets, among others. Annual Revenue Industry Skill Sets 35% 13% 25% 31% 2% 2% 6% 8% 9% Developer Help Desk Network Administrator Systems Administrator 15% 14% 12% 11% 27% 13% 12% 10% 9% Installer/Technician Tester/Quality Assurance Business Analyst 9% 9% 8% Less than $5 million IT Network Engineer 7% $5 million to $50 million $50 million to $1 billion More than $1 billion Manufacturing Healthcare Financial Services Architect Database Administrator 3% 3% Telecommunications Technical Writer 3% Professional Services Security 2% Government and Education Transportation and Construction Energy ERP Storage 2% 1% Retail Cloud 1% TEKsystems.com 2

TEKsystems IT Industry Trends Survey Key survey findings is upon us whether we like it or not. In a typical work day, IT workers spend time on a range of devices for work-related activities, including their mobile phones (82 percent), laptops (72 percent) and tablet devices (54 percent). comes with dangerous side effects. Seventy-three percent of IT leaders and IT professionals believe sensitive company data may be compromised when employees access information from personal devices, with two out of five IT leaders and half of IT professionals estimating 25 percent or more of the organization s sensitive data is at risk. Perhaps most alarming, many organizations are not even sure if they are breaking the law. Thirty-five percent of IT leaders and 25 percent of IT professionals are not confident their organization s policy is compliant with data and privacy protection acts, HIPAA, Dodd-Frank or other government-mandated regulations. The majority of companies fall on one extreme or the other in terms of policies. Only 35 percent of IT employees report their company s policy is well communicated and updated frequently. The other 65 percent report either nothing has been communicated, there are no official policy guidelines or employees are not allowed to use their own devices at work. Clarity and education on what is and isn t acceptable is a critical yet often overlooked step to protecting organizations and their clients, employees and reputations. Seventy-one percent of IT leaders and 64 percent of IT professionals report their organization does not have mandatory end-user training to educate employees and protect the company from the risks associated with. Recommendations TEKsystems suite of services, including IT recruitment, training and managed services solutions, enables organizations to effectively navigate the trend. We help our clients build, implement and enforce a policy that prevents the most common pitfalls while achieving maximum business benefit. Establish a clear policy to mitigate the organization s risk exposure. Implement device tracking and compliance monitoring programs to protect sensitive company data and meet compliance requirements. Determine when and how users can access the network to protect network bandwidth and productivity of work-related projects. Implement ongoing education programs to protect the organization and its clients, employees and reputation. Determine responsibility for and breadth of device support to avoid overwhelming the IT department. TEKsystems.com 3

landscape it s everywhere, for good reason It s everywhere For some time now, the industry has seen a steady increase in mobile device usage compared to desktop PCs. Some estimates indicate that smartphones have actually overtaken or are close to overtaking PCs in terms of products being produced. Our data reflects that explosion of growth, as eight out of 10 end users indicate they spend time on a mobile phone for work-related activities. The business world today demands speed, agility and flexibility. Mobile devices are the perfect vehicle for meeting that demand. In a typical work day, what personal devices do you use for work-related activities? mobile phone 89% 82% tablet 57% 54% laptop 82% 72% TEKsystems.com 4

For good reason is here to stay not only just because employees expect it but also because it promises several business benefits. Interestingly, IT leaders and IT professionals are aligned in how they rank their organizations ability to achieve various objectives of policies. It s not a coincidence that accessibility and employee satisfaction are rated as most effectively achieved, as an organization that simply allows for some personal device usage is already increasing employee access and satisfaction. Nor is it a surprise that customer satisfaction and IT expenses are rated lowest. Both of these objectives provide a more challenging ROI metric and gauging their effectiveness typically requires a longer timeframe. Measuring improvement in customer satisfaction due to factors isolated from other variables is tricky. Moreover, while can lower hardware costs, a poorly constructed policy can also result in many indirect expenses, such as an overwhelmed support desk or network bandwidth issues. Despite the alignment in effectiveness rankings, nearly half of the IT leader and IT employee populations believe their organizations are either achieving a middle-of-the-road effectiveness or are completely ineffective, suggesting many policies require improvement. If your organization has a policy, how do you rate its ability to support/achieve the following objectives? Accessibility (increasing employee access for workrelated purposes) Employee satisfaction (improving employee satisfaction by offering greater freedom of choice) Productivity (improving efficiency and productivity) Customer satisfaction (improving response time to customer questions/issues) IT expenses (offsetting cost of providing company issued devices) Effective 63% 57% 51% 41% 39% 55% 48% 44% 42% 55% Middle-of-the-road effectiveness to completely ineffective 37% 42% 49% 60% 62% 45% 45% 52% 56% 58% TEKsystems.com 5

risks people feel comfortable with how polices impact them but not with how they could impact the companies they work for Comfort with personal impact End users accept that their employers are not going to pay for all expenses related to their personal mobile device. And it s doubtful that an IT leader or professional would go without a smartphone because their employer doesn t cover all of the expenses. The fact that some organizations do cover all expenses is typically considered gravy. The high level of comfort IT leaders and IT professionals express with their organizations policies is likely due to the prevalence of more relaxed policies that do not infringe on personal freedoms in order to protect sensitive company data. While this approach may assist with achieving the goal of employee satisfaction, organizations must weigh the cost of the risk involved. Are end users expected to cover the cost of their mobile devices when it comes to business activity? Which of the following statements accurately describes your thoughts on your company s policy? Yes, my company is fiscally frugal 45% 54% The organization s policies on mobile data protection are fair and I am comfortable with them 92% I pay a portion of the expenses 29% 35% 86% No, they cover all related expenses 20% 17% I feel like the organization snoops on me and I don t like it 8% 14% TEKsystems.com 6

Risk to company IT leaders and IT professionals agree that sensitive company data is at risk when employees access information from personal devices. Approximately three quarters of IT leaders and IT professionals believe their organization s sensitive data is at risk due to end users accessing information from personal devices nearly a quarter of IT leaders and a third of IT professionals go so far as to rate the risk as great. Additionally, almost half of both groups feel that 25 percent or more of their company s sensitive data is exposed. With this level of risk exposure, many organizations are not sure if they are breaking the law. Failure to comply with federal regulations can result in severe consequences such as fines, probationary periods of oversight by federal agencies and criminal penalties up to and including imprisonment, making it all the more critical that organizations have a clear strategy in place to protect themselves, their clients, their employees and their reputations. To what extent do you think sensitive company data is at risk due to employees accessing information from personal devices? What percent of your organization s sensitive data do you think is at risk due to end users accessing information from personal devices? Great risk 22% 34% 75% to 100% 12% 20% Somewhat at risk 51% 39% 50% to 74% 10% 14% Not much risk 22% 21% 25% to 49% 18% 15% No risk at all 5% 6% 10% to 24% 32% 24% TEKsystems.com 7

35% Risk to company (continued) 65% Are you confident that your organization s policy adheres to government-mandated regulatory compliance (e.g., data protection acts, privacy, Dodd-Frank, HIPAA)? 35% 25% 65% 75% Yes No Yes No 25% Challenges faced Clearly, the trend presents a challenge of conflicting objectives for IT. Accessibility and employee satisfaction are at odds with keeping an organization s data secure and costs down. To address the security concern, organizations must not only consider how and when users access data; they must also think about worst 75% case scenarios, such as a lost or stolen device. If IT is unable to remotely wipe the lost device, organizations risk exposing sensitive company data and ending up on the nightly news. In terms of costs, an effective policy must first address not only the types of devices that will be supported but also the different versions and platforms. It should further differentiate between a business need and a personal support need. Secondly, the policy must consider how support will be provided. Is it performed on a case by case basis through help desk tickets or are end users referred to a resource where they can perform self-help and diagnosis? Finally, the policy should address when support will be provided. Is the help desk on call 24/7 for all employees or is support only offered during business hours? The answers to these questions are not as simple as they at first appear. Today, employees of all levels of technical proficiency not only want to access data when they want and how they want they expect it. However, the fact that only about half of IT leaders and IT professionals report their organization offers sufficient levels of support for their devices is a missed opportunity. If support is too robust, costs will balloon. But if support is too limited, organizations will fail to experience the productivity and efficiency that arise from employees using personal devices to get work done. TEKsystems.com 8

Challenges faced (continued) As an IT leader/professional, what do you despise most about? Security encryption, access, scan and block remote wipe, etc. Does your organization offer a sufficient level of support for the devices end users would like to use for work-related purposes? : 31% : 28% 53% 47% IT support device assistance when issues arise : 19% : 17% Yes No Nothing, I love : 10% : 14% 53% 47% 54% 46% Yes No TEKsystems.com 9

policies less grey area, please Policies are unclear to many Unfortunately the perceptions of the organization s stance are rather murky. Nearly half of IT leaders believe the policy is crystal clear but only about a third of IT professionals agree. It s not entirely uncommon for such a disconnect between leadership and employees on communication about company policy, but there is vastly higher risk for a policy lacking clarity. Since nearly every employee is using a mobile device for work purposes, nearly everyone that doesn t understand the policy poses a threat to the organization. Sixty-five percent of the workforce report that nothing has been communicated, there are no official policy guidelines or employees are not allowed to use their own devices at work. Again, the lack of a policy or lack of communication about it opens the organization to unnecessary risk. However, a strict no tolerance policy may not be the best solution either. Allowing employees to use their personal device for work can increase response time to customers, strengthen employee satisfaction and improve productivity. Organizations need to consider these positive outcomes of and weigh them against their own risk tolerance when formulating an official strategy. Ironically, the majority of IT leaders and IT professionals say they fully understand their organizations stance on and fully understand the risks associated with. Given the lack of a policy or communication about the policy, this understanding may be based on inaccurate or unclear information. Both IT leaders and IT professionals could be operating under dangerous false assumptions. Equally concerning is that nearly 30 percent of IT leaders those who should be crystal clear as they are responsible for cascading policy indicate they do not fully understand their organizations stance on. Which of the following statements best describes your organization s stance regarding its strategy? There is a clear policy that is well communicated and updated frequently is accepted, but there are no official policy guidelines Employees are not allowed to use their own device while at work Nothing has been communicated about 52% 48% 65% 35% TEKsystems.com 10

Policies are unclear to many (continued) Please select true or false for each of the following statements. True False True False I fully understand my organization s stance on policy/consequences 73% 27% 78% 22% I fully understand the risks of 78% 22% 89% 11% TEKsystems.com 11

Precautions are necessary Approximately half of IT leaders and IT professionals report they have practices in place that address most policy concerns which means that the other half do not. A large number of IT leaders (40 percent) and IT professionals (46 percent) report their organization allows end users to install whatever they want on their devices. While a draconian policy that prohibits everything is not wise, organizations do need to think about how and what is being installed via the corporate network on devices that have access to sensitive company data. Fewer IT leaders (29 percent) and IT professionals (36 percent) have mandatory enduser training in place to protect the company from concerns. The low engagement rate is most likely due to an assumption that, because the end user owns the device, he or she should be savvy enough to know how to keep it secure and aware of general best practices for data access. Making these kinds of assumptions could be costly if an end user fails to have proper security controls in place or has a lackadaisical attitude toward keeping the personal device secure for the sake of their employer. Which of the following does your company currently do or have? Restrict employee access to personal content on work-issued devices 69% 69% Capability to remotely wipe data off employee devices 67% 54% Monitor/log end-users network activity on mobile devices and laptops 63% 61% Deploy secure apps without disrupting employees personal data/apps 61% 60% Push and provide updates to mandatory business apps on employees devices 61% 58% Develop mobile apps either in-house or through an outsourced vendor 57% 52% Develop for a sufficient amount of different devices/platforms 53% 50% Allow end users to install whatever they want on their devices 40% 46% Mandatory end-user training to protect your company from concerns 29% 36% TEKsystems.com 12

TEKsystems IT Industry Trends Survey Conclusion In the workplace today mobile devices have become a necessary asset rather than a luxury, entrenched in how work gets done. Without a clear, well-communicated policy, organizations will fail to achieve the benefits associated with. If the benefits are not enough to sway organizations to develop a clear policy, they must consider the potentially dire consequences a single security breach or compliance violation will have on their business. The proliferation of mobile devices and their usage in the workplace will only continue to expand. Organizations that ignore the trend or fail to dedicate time and effort to developing a clear policy do so at their own peril. About TEKsystems People are at the heart of every successful business initiative. At TEKsystems, we understand people. Every year we deploy over 80,000 IT professionals at 6,000 client sites across North America, Europe and Asia. Our deep insights into IT human capital management enable us to help our clients achieve their business goals while optimizing their IT workforce strategies. We provide IT staffing solutions, IT talent management expertise and IT services to help our clients plan, build and run their critical business initiatives. Through our range of quality-focused delivery models, we meet our clients where they are, and take them where they want to go, the way they want to get there. Visit us online at www.teksystems.com. TEKsystems 7437 Race Road, Hanover, MD 21076 888.835.7978 www.teksystems.com TEKsystems, Inc. is an Allegis Group, Inc. company. Certain names, products and services listed in the document are trademarks, register trademarks, or service marks of their respective companies. Copyright 2013 TEKsystems, Inc. All Rights Reserved.

TEKsystems IT Industry Trends Survey TEKsystems.com 14