Only 33% of mobile phones use PIN/password protection, claims Sophos

According to the IT security vendor – which polled 1,075 mobile phone users in the UK for its survey – this was despite almost a quarter of consumers (22%) having lost a mobile phone in the past, and a further 12% having had a phone stolen.

Interestingly, 60% of those surveyed acknowledged that device theft or loss was the biggest security threat to mobile devices, but only 57% said they have password protection enabled even on their laptops, with 18% admitting to using the same password for all of their technology devices.

As well as affecting an individual’s data, Sophos says that lost mobile devices are also a growing issue for businesses since increasingly we are using the one device for both work and personal. In fact, the company adds, users are one of the biggest weak spots in an organisation’s security, making education a key focus for IT managers.

James Lyne, director of technology strategy with Sophos, said that more and more people are using personal laptops, smartphones and tablets when they’re working remotely.

“Whilst this helps to improve productivity and innovation in a business, it is essential to address the security and operational issues relating to mobile devices now, rather than getting caught out later,” he said.

“If an employee’s unprotected personal laptop falls into the wrong hands, it can be easy for someone to access not just personal information, but any work related documents saved on the laptop’s hard drive, or even to use the laptop as a way to gain access to the corporate network,” he added.

Lyne went on to say that most data breaches on mobile devices are typically due to basic security failures such as weak or no passwords being in place, failure to encrypt data or falling victim to phishing or other social engineering attacks.

“If devices are used for business, it’s important that IT teams get the basics under control. By making sure that they can purge devices when they go missing, businesses can both minimise the risk of data loss and can also satisfy regulators”, he explained.

To help businesses educate their employees on the threats associated with mobile technology, Sophos has released a free mobile security toolkit containing top tips for users for creating secure passcodes, a user-targeted video and presentation, white papers and a sample security policy.

What’s Hot on Infosecurity Magazine?