As a result of their widespread adoption, smartphones are becoming an increased security risk according to new research released by Credant Technologies.
Virtually all, 94%, of 300 IT managers surveyed at this years' InfoSecurity Europe exhibition regarded smartphones as a growing security risk with concern higher among enterprises with more than 1000 employees (97%) than smaller organisations (91%).
Yet despite these concerns, or perhaps driving them, was the general picture of firms not implementing security mechanisms for their smartphones. Only 30% of firms had mobile and smartphones covered in their security policy and a concerning 10% and 9% encrypted the devices and the files held on them respectively. Also, a worrying 44% of respondents did not employ password protection on their devices every time they used it.
Worse still, even though only 30% of firms used a mobile or smartphone to access the corporate network , just a fifth of smartphones were used according to a defined access control policy and only 9% non-company approved mobile devices were locked out of access to the corporate resources.
By way of contrast to the concern over smartphones and mobiles, 88% and 79% respectively of firms thought that mobile storage devices and laptops were a security risk to their organisation. In the case of laptops, of those who thought them a risk to the organisation, 56% believed this was because of lack of encryption.
Commenting of the findings, Peter Mitteregger, European vice president at Credant Technologies warned firms of the ramifications of not taking mobile security so seriously. He said,” Companies need to regain control of these devices and the data that they are carrying, or risk finding their investment in securing the enterprise misplaced and woefully inadequate."
"I'm really shocked by the results of this survey, especially given the current security climate and the level of knowledge of the sample, that this practice goes on in organisations today, " remarked Peter Mitteregger, European Vice President for Credant Technologies. "Companies need to regain control of these devices, and the data that they are carrying, or risk finding their investment in securing the enterprise misplaced and woefully inadequate. Cost effective solutions exist to mitigate the risks posed by these endpoints after all, there's no point employing leading technology to secure the front door if the back door's left wide open!"