Mobile workers shirking security responsibilities

As mobilisation increases, the security risks increase as a result of unsafe and sometimes reckless end-user behaviour

Mobile workers are falling short of their responsibilities when it comes to security, according to a recent study by Cisco and the US National Cyber Security Alliance (NCSA).


The study, conducted by independent market research firm InsightExpress, examined behaviours of mobile wireless workers using smartphones, PDAs, laptops and other devices and found that as companies continue to mobilise, the security risks increase as a result of unsafe and sometimes reckless end-user behaviour.


According to IDC, the number of mobile workers in the U.S. is expected to reach more than 70% of the country's total workforce by 2009. Korn/Ferry International reports that, globally, 81% of executives are constantly connected via mobile devices.


One of the issues contributing to a lack of security when the workforce becomes mobile is the end-user perception that corporate mobile devices are also personal devices and that there is little risk involved in some practices.


"Mobile devices have real access to real data," said Cisco security director Fred Kost. "The perception is [that] it's a personal device -- 'I'm on my device.' "

The study gleaned its results from more than 700 mobile employees in seven countries that have widely adopted mobile and wireless technologies -- the U.S. , U.K. , Germany , China , India , South Korea and Singapore .


Nearly three out of every four mobile users -- 73% -- queried said they are not always cognisant of security threats and best practices when working mobile. Many said they are sometimes aware of potential security risks, but 28% conceded that they "hardly ever" consider security risks and proper behavior. Some even went so far as to admit that they never consider safe best practices and didn't know they needed to be aware of security risks.


More startling were some of the responses mobile workers gave when asked why they were lax in their security behavior. Reasons offered included, "I'm in a hurry," "I'm busy and need to get work done," "Security just is not top-of-mind for me," and "It's IT's job, not mine."


Mobile workers polled said they often use unauthorised wireless connections. Either hijacking a neighbor's wireless network connection or an unauthorised connection in a public place, one third of mobile users said they use unauthorised wireless. China had the most extreme cases, with 54% saying they've used an unauthorised wireless network. In the U.S. , 20% of respondents said they use unauthorised wireless connections.

Read more on IT risk management