The mSecurity study – a joint research project between Acumin Consulting and Goode Intelligence – found that, whilst almost 43% of organisations currently feel that the threat from mobile phone data loss is low, this number changes significantly for the perceived threat by 2011 with only 29% continuing to believe that the risk will remain low in a 2011 timeframe.
The survey, part three of a three-part project that conducted wide-ranging interviews with a total of 52 security professionals, found that 28% of respondents forecast that the risk would be high or very high.
Alan Goode, the research firm's managing director, said that the threat to organisations in losing valuable information that is stored on ever-increasingly powerful smartphones, is a real one and one that will grow.
Government figures, he says, suggest that in the UK, around 1.3 million mobile phones are stolen annually and that 28% of all robberies involve theft of a mobile phone.
"Organisations have the capability to protect their mobile phone assets by deploying mobile phone encryption. They have a choice of out-of-the-box encryption services provided by the mobile platform vendor, be it Apple iPhone or Blackberry devices, or to choose third-party products that could be deployed across multiple mobile phone platforms and have the capability to be integrated into existing endpoint encryption services", he said.
Goode went on to say that the report shows enterprises still do not feel that the threat to company data stored on mobile phones is high enough to warrant protection in the same manner that a laptop or a USB memory stick is.
"Only 33% of organisations polled are protecting their mobile phones with encryption products and services.
"However, you can now store gigabytes of information on mobile phones that is as business critical as the information that employees are storing on their laptops or USB memory sticks", he explained.
The most interesting aspect of the survey – which can be downloaded from Goode Intelligence's website – is that almost 90% of respondents felt that the current levels of awareness for mSecurity are not adequate.
This, says the report, is an alarming statistic and to meet the growing threat from using mobile phones in enterprise, information security professionals must raise awareness of mSecurity and educate employees.
Infosecurity notes that the survey results have some very interesting findings for the adoption of mSecurity products and services that enable organisation to protect against data loss and voice eavesdropping and the threat of loss and theft.
There is, the study concludes, certainly low-to-moderate adoption of mSecurity technology and a low-to-moderate perception of the threat to mobile phones.
Both mobile security technology adoption levels and the perceived mobile security threat will, says the study, increase throughout 2010 and 2011.
"The results of the survey also support the current feeling within the information security community that the use of mobile phones within the enterprise will bring security challenges and that these threats will rise over the coming years", says the report.