Feds using personal mobile devices regardless of BYOD programs – report

A new survey from Lookout found almost 1,800 security threats across mobile devices at 20 different federal agencies.

Your agency’s employees are probably connecting their personal smartphones to your agency’s network — whether you want them to or not.

That’s the finding of a new report from mobile security company Lookout, which explores the growing “Shadow BYOD” problem in federal enterprises. Lookout found that a large number of employees are doing everything from accessing work documents on a personal device to connecting jailbroken or rooted phones to agency networks.

Forty percent of the approximately 1,000 federal employees surveyed admitted to ignoring any kind of personal smartphone guidelines for use, saying the rules have little impact on how they use the devices in their everyday work.

Even if employees are using agency-issued phones, they are still putting networks at risk. Twenty-four percent of those surveyed say they have downloaded an application outside Apple’s App Store or Google Play. Those applications can be extremely dangerous, with a proliferation of Trojanized apps and other assorted malware floating around.


Feds know that malware is common because they told Lookout they’ve seen it on their phones. Eighteen percent those surveyed say they’ve encountered malware on their personal or government-issued devices. Yet despite knowing that malware is rampant, nearly half (49 percent) of respondents say they don’t have a security app on solution installed on their mobile device.

“People value their convenience very highly and usually will take the path of least resistance to accomplish their goals — risky or not,” the report reads. “Employee education is important, but federal agencies need technology to back them up when education falls through.”

Read the full report on Lookout’s blog.

Greg Otto

Written by Greg Otto

Greg Otto is Editor-in-Chief of CyberScoop, overseeing all editorial content for the website. Greg has led cybersecurity coverage that has won various awards, including accolades from the Society of Professional Journalists and the American Society of Business Publication Editors. Prior to joining Scoop News Group, Greg worked for the Washington Business Journal, U.S. News & World Report and WTOP Radio. He has a degree in broadcast journalism from Temple University.

Latest Podcasts