Share

Related Links

Related Stories

  • Firms slow to adopt policies on mobile device use at work
    Only 22% of organizations have a formal policy in place governing use of mobile devices at work, according to an online survey by IT industry association CompTIA.
  • RSA 2012: BYOD often means ‘bring your own danger’
    Three-quarters of IT professionals believe that personally owned mobile devices put their organizations at risk and only 39% have the necessary security controls to address the risk posed by the bring-your-own-device (BYOD) phenomenon, according to a Websense-sponsored survey by the Ponemon Institute released Wednesday at RSA.
  • RSA 2012: Mobile devices open corporate floodgates to malware
    The increasing use of mobile devices in the workplace has opened up the enterprise to a “whole new set of vulnerabilities”, warned Enrique Salem, head of Symantec.
  • The BYOD problem: criminal infiltration and data exfiltration
    A solution to the growing ‘BYOD problem’ can be achieved by extending network access control at the servers to include mobile devices in the field by combining NAC and MDM.
  • The Approaching Mobility Maelstrom
    Last year Drew Amorosi polled the Infosecurity editorial board on their predictions for 2011. This year he decided to broaden the sample and find out what the rest of the industry are talking about. What he received was an overdose of mobile security warnings

Top 5 Stories

News

CIOs recognize the mobile threat; but aren’t yet responding to it

07 March 2012

A new survey from Vanson Bourne, sponsored by Sophos, underlines a current anomaly: CIOs believe that mobile devices are a security risk, but aren’t doing much about it.

The survey reveals that less than a quarter of UK CIOs and IT managers believe that data held on mobile devices would be secure if those devices are lost or stolen. Since more than three-quarters of these same people have had to deal with lost corporate devices, and more than half of them admit that less than 10% of lost devices are ever recovered, it would be reasonable to assume that mobile security is high on the corporate agenda.

The survey reveals, however, that it is not. 45% of the respondents that allow mobile devices in the workplace do not have a password policy in place, and 41% of enterprises do not have a separate budget earmarked for mobile device security. This anomaly between understanding and action gets worse: 15% of respondents consider that device theft or loss is currently the biggest threat to corporate networks.

Gartner suggests that by the end of 2012, 50% of enterprise email users will be using browsers on mobile devices. The mobile security issue will only get worse. But what the Sophos survey highlights is that the concerns recognized by CIOs and IT managers have not yet percolated through to the enterprise itself. This could explain the lack of a mobile security budget, but does not explain the lack of policy (such as the failure to implement a password policy).

“It seems that businesses are eager to embrace the benefits of mobile technologies and the positive impact they can have on operations,” said Matthias Pankert, VP of product management data protection at Sophos, “but many have not yet got to grips with the security issues that come as a result. The survey findings demonstrate that set procedures and agreement over corporate usage are still lacking.”

This article is featured in:
Internet and Network Security  •  Wireless and Mobile Security

 

Comments

Chris Mayers, Citrix says:

08 March 2012
The report conducted by Sophos raises a good point, but it’s important to note that the security issues surrounding BYOD schemes shouldn’t become a hindrance to the adoption of flexible working practices within the enterprise. Security has always been an issue for corporate IT networks, and there’s no doubt that consumerisation of IT has sparked further debate.

With the use of personal devices in the workplace set to grow by up to 249% by 2013, CIOs and IT managers need to acknowledge the shift in working practices and the appetite employees have for using personal devices for work purposes. Whilst 85% of organisations in the UK are being driven to implement a flexible environment for their workers, creating a policy for employees using their own devices is only half the battle.

To ensure all corporate data remains under secure control, a seamless solution is needed that protects both the employee and the business, using centralised management of data which is beyond the realms of the device. In doing so, employees can access whatever resources they need, from any device and location, without risking sensitive data being stored locally.

Note: The majority of comments posted are created by members of the public. The views expressed are theirs and unless specifically stated are not those Elsevier Ltd. We are not responsible for any content posted by members of the public or content of any third party sites that are accessible through this site. Any links to third party websites from this website do not amount to any endorsement of that site by the Elsevier Ltd and any use of that site by you is at your own risk. For further information, please refer to our Terms & Conditions.

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×