Majority of Businesses do not Encrypt Data on Company Smartphones
Published on: 25th Nov 2010
Note -- this news article is more than a year old.
A survey of corporate smartphone use found that 64% of users do not encrypt confidential data stored on them. In addition, 44 percent of the organisations surveyed do not have a documented, specific security policy for mobile phones, according to Goode Intelligence.
"Smartphones and tablet computers are having a transformational effect on the way that an organisation does business and manages information" said Alan Goode, Managing Director, Goode Intelligence. "Mobile phone security is an extremely hot topic at the moment and 2010 has been a defining year for the industry. There is a big question over whether information security professionals can keep up with the pace of change currently seen with smart mobile devices and if they can manage the risks associated with them.
"Smartphones, media players and tablet computers running a variety of mobile platforms have exploded into organisations around the world and there is enormous pressure on information security and IT functions to business-enable these 'consumer' devices. In 2009 the iPad didn't exist yet just one year later our survey shows that some 40 percent of organisations are seeing iPad adoption - this is a remarkable figure and quite possibly unprecedented."
Higher level of mSecurity awareness among information security professionals
The survey shows that in 2010 only 32 percent of information security professionals feel that their awareness level regarding mSecurity is inadequate. This is a significant improvement compared to 2009 when the GI mSecurity Survey reported that almost 90 percent considered their awareness to be inadequate. However overall general awareness has not improved with 68 percent stating that they felt that there was no general (end-user/employee) awareness for mSecurity.
"This is certainly an area of concern for information security professionals that needs to be addressed" said Alan Goode. "While the security community has educated itself there is still a lack of awareness amongst end-users. A number of organisations are still failing to implement mobile security policies and even more disturbingly, a significant number allow employees to store company information on their SMDs, including email, without encryption. This is a serious issue for those attempting to control data loss in an organisation."