Despite the media hype around the adoption of mobile technologies and the need to secure them, relatively few UK organisations are planning mobile security projects, a survey has revealed.
Only 28.4% of IT professionals polled by TechTarget at 200 UK organisations said they planned to implement mobile security initiatives in 2012.
While this appears relatively low, despite the hype, the actual figures of adoption throughout enterprises of smart mobile endpoints remains dwarfed by traditional IT deployments, according to industry analysts.
Most information security professionals are adopting a “slow-go” approach to the widespread adoption of mobile technology, and seeking to do so in a controlled manner, as the technology is not readily understood by the traditional IT support service models, said Mark Brown, chief information security officer at SAB Miller.
“Furthermore, the fact that many enterprises are adopting mobile technology in an uncontrolled manner, may actually mean that the 28% focus evidences that this is a battle that has been lost before it starts, as the consumer has surpassed IT in the provision and does not seek to be weighed down by slow-moving response to the issue,” he said.
Another reason that mobile device security implementations are relatively low – despite IT security managers ranking mobile device security as a top pain point – is that security solutions have not caught up to the problem at hand, according to Daniel Kennedy, research director at 451 Research, a division of The 451 Group.
“Certain providers, Good Technology comes to mind, have put offerings out there allowing the IT manager some managerial control over the mobile devices in his or her environment, but no one’s seem to provide something to match the comfort level that same manager had when he or she could roll out a BES (Blackberry Enterprise Server) and Blackberries to a few executives. Those days appear to be in the rear-view mirror,” he said.
Piers Wilson, senior manager in the information security practice at PricewaterhouseCoopers, said only around a third of companies are actively looking for security around mobile devices, because the front runners have already implemented such systems and the remaining third are not yet ready.
Mobile security remains a challenging area that many organisations are finding difficult, said Dani Briscoe, research services manager at The Corporate IT Forum.
The forum’s End User Device Reality Checker study highlighted the number of personal devices allowed on the corporate network, as well as the numerous corporate devices provided to staff.
Blackberry is still the corporate device of choice closely followed by Apple’s iOS devices as mobile device management solutions come on to the market to allow iPhones and iPads to be deployed confidently across the estate, said Briscoe.
“Mobile security is a very controlled area. Many businesses do not allow devices to connect to the corporate network without acceptance of certain policies, many of which contain the right to wipe the device remotely,” she said.
The study shows that geo-fencing is also being entertained as a possible solution for devices allowed to connect to certain networks in an environment.
“These new strategies must be tempered with the understanding that many may already have these strategies in place,” said Briscoe.
The Corporate IT Forum's 2012 strategy survey found that 39.4% already had user access/mobile strategies in place.