RSA 2012: BYOD often means ‘bring your own danger’

A disturbing 59% of respondents report that employees circumvent or disengage security features, such as passwords and key locks, on corporate and personal mobile devices, according to a survey of 4,600 IT professionals in 12 countries.

“If I were to lose my mobile device and I don’t have a PIN on it, someone can pick it up and get access to my American Airlines account, they can see my flights and trips, they can see my expense statements, and they can social profile me”, warned Tom Clare, senior director of product marketing at Websense.

“These devices are smaller and easier to lose….If a high percentage of people are not turning on passwords and things like that, then they are just wide open devices”, Clare told Infosecurity.

Over the past year, 51% of organizations experienced data loss resulting from employee use of insecure mobile devices, including laptops, smartphones, USB devices, and tablets.

More than half of respondents said that over the past 12 months, their organizations experienced an increase in malware infections as a result of insecure mobile devices in the workplace.

Sixty-five percent of respondents are concerned with employees taking photos or videos in the workplace, likely due to fears about the theft or exposure of confidential information. Other unacceptable uses of personal mobile devices include downloading and using internet apps (44%), using personal email accounts (43%), and downloading confidential data onto devices (42%).

Clare advised mobile device users to "make sure your device has a PIN, has a lock on it and lock the door; there is a pretty good chance you are going to lose the device.”

To lessen the BYOD risks, Websense introduced at RSA the TRITON Mobile Security product, which provides content-aware data security features to prevent confidential data loss on mobile devices; web and application security, policy controls, and reporting for visibility into the mobile risk profile; malicious app download and mobile malware blocking; and mobile device management.

What’s hot on Infosecurity Magazine?