Almost a third of employees regularly breach enterprise mobile management policies by using personal smartphones for work purposes, according to a report.
The survey of 1,100 mobile workers by iPass, a provider of enterprise mobility services, found 22% of employees breached their employers' strict smartphone policies when using non-managed personal smartphones to access corporate information, putting data at a security risk.
"Un-provisioned smartphones are a significant risk to enterprises," said Steven Wastie, senior vice-president marketing and product management at iPass. "20% of these mobile employees have experienced a relevant security issue with their smartphone containing business data lost, stolen, infected or hacked."
Sign-up to Computer Weekly to download the full iPass Mobile Workforce report
The research also found only a third of enterprises had a multi-smartphone policy.
In response to the survey findings, Rob Bamforth, principal analyst at Quocirca. said, "Whether it's a 'nod and wink' self-choosing policy or a company policy, the reality is that employees will use their own mobile phones and companies need to drop the denial and accept the amnesty approach. There has to be a set of reasonable policies that govern the use of mobile phones and smartphones so everyone understands the obligations.
"Devices that are less accepted should have limited use of business applications. You need a defined policy to say all that. But this isn't something that a security manager should do in isolation. It needs to be worked through with all people in business so policies respond to what's important for work to get done," said Bamforth.
Read Computer Weekly's buyer's guide for smartphone management.