Companies are concerned about the security issues posed by smartphones and other mobile devices

According to Ovum, which conducted a survey of enterprise users in conjunction with EEMA, the European electronic messaging association, consumerisation is where employees use the same device for both work and personal activities.

The Symantec-linked study also revealed the need for a layered approach to creating a holistic enterprise security strategy.

Graham Titherington, a principal analyst with Ovum, told Infosecurity that, whilst nearly all of the respondents to the survey said they provided a mobile device to their staff, the bulk were BlackBerry smartphones, with a few iPhones and a "long tail” of other handsets.

"30% of respondents said they ban personal usage of mobile devices, whilst a further 30% said they could use their mobiles for personal emails and so on", he said, adding that 40% were in between, imposing some restrictions on company mobile device usage, but allowing their use for personal email and internet access.

The most interesting aspect of the survey, which took in responses from 92 major enterprises across the UK, was the number of applications that were running on the mobile devices, ranging from comms-related software to social networking and VOIP services.

The survey, which was carried out in preparation for a best practice report – 'Corporate mobile device use and security' from Ovum – found that many enterprises are concerned about employees mixing work-related tasks on their mobile devices with social networking, web conferencing, media sharing and other personal activities.

Eighty percent of respondents, says Titherington, the author of the report, believe that smartphones expose their business to attack, with data leakage cited as the top security concern.

"Employees will want to use their devices, no matter who owns them, for both their work and personal lives", he said, adding that it is unrealistic to delineate between these uses for employees who are mobile and working out of the office for a large part of their time.

"That means organisations must establish a holistic security strategy that addresses the consumerisation of this fast-growing channel into corporate networks and data", he explained.

Over at Symantec, Mike Jones, the firm's mobile security specialist, said that, for many professionals, the mobile phone has become a mobile office.

But that, he says, doesn't mean enterprises need to leave themselves vulnerable to data breach, malware and other threats.

"A layered approach to mobile security allows enterprises to protect themselves and their users at every point of access, even before a phone receives a message or data transmission", he said. 

What’s Hot on Infosecurity Magazine?