Report: 85 Percent of Educational Institutions Allow BYOD, Yet Security Lags Behind

• By Joshua Bolkan
• 05/21/13

Eighty-five percent of educational institutions allow instructors or students to use their own devices on institutional networks according to a new survey from Bradford Networks.

Based on responses from more than 500 IT professionals in higher education and K-12 districts in the United States and the United Kingdom, the "Impact of BYOD on Education" survey found that only six percent of respondents reported that their institution had no bring-your-own-device (BYOD) policy and no plans to implement one.

Other key findings include:

• Among respondents who said their school allows BYOD, 56 percent reported using network access control (NAC) to onboard devices, 17 percent said IT registered each device manually, and 27 percent told researchers they allowed anyone to access the network without registration;
• Fifty-four percent of those surveyed said they do not require users to install any kind of antivirus protection on their devices;
• Higher ed is outpacing K-12 in the use of student-owned devices, with 89 percent of respondents from colleges and universities reporting they allowed students to use their own devices and only 44 percent of K-12 participants reporting the same;
• Among respondents who said they do not allow BYOD, 84 percent reported that they receive frequent requests from students to do so;
• Seventy-eight percent of respondents with a BYOD policy said personal devices were being used "for personal use by teachers and students," 72 percent said they were used to complete assignments, and 52 percent said they were integrated into the classroom;
• Sixty-one percent of respondents reported that their institution uses role-based access, and 38.9 percent told surveyors that all users have the same access to their network; and
• Among institutions that do not allow BYOD, nearly 67 percent said they "do not have the visibility to monitor who is attempting to connect to the network," 62 percent said they "do not have the visibility to monitor which device types are attempting to connect to the network," nearly 64 percent reported that they don't have the resources to onboard user-owned devices, and nearly 69 percent said can't scan personal devices for security software or updates.

"Education institutions have been at the forefront of the BYOD trend for years and in many ways provides a road map for enterprise organizations that are just starting to embrace freedom of device choice for their employees," said Tom Murphy, CMO of Bradford Networks, in a prepared statement. "However, this survey demonstrates that there are still too many organizations that are putting their school's networks at risk through poor security policies.  The mobile device-induced transformation of education needs to be tempered with the proper security strategies that protect students and sensitive information.  This starts with gaining 100 percent visibility into every user and device attempting to connect to its network, and having an automated process to restrict devices that do not meet proper security standards."

For more information, download the full report at bradfordnetworks.com.