A report by mobile phone operator Orange, together with
Quocirca, has found that companies are doing a poor job of securing
workers' handheld devices.
The survey of over 2,000 UK IT professionals found that one in
five companies already with wide deployments of mobile devices has
policies in place for mobile security. And of those that do have
mobile security policies, more than 60% said their policy is not
enforced.
The study found that 80% of businesses believe their employees are
the main threat to mobile security, as IT departments already have
tools to help secure the devices.
Users’ attitudes, which often border on the irresponsible and
careless, are generally accepted to be more of a challenge than the
technology. A significant percentage of companies already believe
their mobile users have an irresponsible attitude to security, even
among those with experience of broad usage.
One suggested reason that IT departments may not be implementing
mobile security policies effectively is that handheld devices are
often viewed as being cheaper, easier to replace, and of less
intrinsic value than laptops. In reality, however, the corporate
data they are carrying has significant value, and in many cases,
such devices can access other valuable corporate data.
One policy that IT departments could use is remote management
when a device is lost or stolen, remotely wiping the data on the
device or rendering it unusable. Whatever policies they adopt,
there is little doubt that mobile security will continue to be a
major concern for organisations this year.