May 31, 2011
As more employees mix business and pleasure via mobile devices, more companies struggle to keep sensitive information safe.
CNN reported that a survey of 1,500 companies by security firm McAfee and Carnegie Mellon University revealed that while 95 percent of companies have mobile security policies in place, only one third of employees are aware of such policies. Furthermore, most companies reported that workers do not know how to use the permissions and access settings that are on their mobile devices. As a result, most companies face unforeseen security issues.
According to research firm Gartner, in the last two years the use of smartphones has increase dramatically, reported USA Today. This year, worldwide smartphone sales are expected to top 467 million units, while tablet PC sales and e-reader sales should approach 70 million and 14.7 million, respectively. However, with so many different devices, security technicians often have trouble keeping up.
"Control of these devices has become very complex because of the varying software and device types," explained Patrick Sweeney, product management vice president at network security firm SonicWall.
Moreover, CNN noted that security issues are further complicated by the fact that 63 percent of mobile devices are used for both business and personal use. Even if a company does not provide a mobile device, many employees will use their personal devices for work-related activity.
User behavior is often a big risk factor. For instance, SC Magazine reported that about half of survey respondents said they stored passwords, PIN numbers or credit card information on mobile devices. One in three workers had sensitive work-related information on their mobile phone or other device.
CNN noted that lost or stolen mobile devices are the biggest concern among both consumers and companies. Forty percent of companies surveyed said they have experienced lost or stolen mobile devices, with half of those devices containing "business critical data", such as customer data, corporate intellectual property, financial data and employment data.
Companies also worried that employees might share sensitive data in unauthorized ways via mobile devices. Many were also concerned that employee use of mobile devices would expose their networks to malware.
"As mobile devices become a replacement for the desktop computers, the problem of malware (malicious software) will grow significantly on the mobile platform," said Anup Gosh, founder of Web browser security firm Invincea, to USA Today.
While companies work on improving security on mobile devices, David Goldschalg, vice president of mobility at McAfee, told SC Magazine that security should be seen as a two-way street.
"Education and responsibility are very important, especially as the BYOD (bring-your-own-device) model starts to dominate," said Goldschalg. "Users have a responsibility to their employer to protect corporate data, and have to be an active partner in that process."
Compiled by CityTownInfo.com Staff
"Personal mobile devices create security headaches for biz," USAToday.com, May 30, 2011, Byron Acohido
"Risky mobile behaviors routine in business," scmagazineus.com, May 25, 2011, Angela Moscaritolo
"Work-issued mobile devices emerging as key security risk," CNN.com, May 24, 2011, Amy Gahran