Staff are using more personal mobile gadgets to do their work but the security of the work data they are accessing is not being deployed in return, according to research.
According to YouGov research among 2,000 office workers, in a typical week almost three-quarters (73 percent) of office workers now use one or more personal devices, such as smartphones, to do their work. Nearly half (45 percent) use two or more, confirming the widespread take-up of bring your own device (BYOD) strategies at firms.
But the research shows this is not leading to increased mobile security vigilance from staff, thereby increasing the strain on UK businesses' security operations and their ability to protect their data.
A third of office employees (30 percent) do think they should be made directly responsible for data loss or theft, with 44 percent saying both they and the company should be equally responsible. Only 13 percent thought it was solely the company's responsibility.
Worringly over one third (34 percent) of office workers with a personal device have failed to update their personal device security in the last six months, while a further third of those (11 percent) have never installed or updated security for their own devices.
Recent Information Commissioner's Office (ICO) guidance clarifies that companies are accountable for the loss of data by their employees, irrespective of whether it was on a personal or work device.
Almost a fifth (18 percent) of staff say they have seen their personal gadgets compromised in the past six months, so widespread ICO fines on companies through security lapses on personal devices are drawing nearer.
More than half (53 percent) would not object to their employer strengthening security for their personal device, compared to just 26 percent who would object.
But over a quarter of office workers (27 percent) claim their company has not outlined any sort of policy on using their personal device for work purposes.
Vincent Geake, director of secure mobility at BAE Systems Detica, which commissioned the research, said, "There is a willingness of staff to engage in the security debate and to share the responsibility for security, but they are really looking for employers to take the lead."
Sign up for Computerworld eNewsletters.