The smartphone revolution is causing security concerns for businesses that provide their workers with mobile devices for personal and business use, according to research by Ovum.
The dual use of smartphones is being termed “consumerisation” and, according to the study, eight out of 10 respondents believe that consumerised business phones could make their corporate information vulnerable to attack, with data leakage cited as the top security concern. Even so, 75 percent of businesses allow their phones to be used as a personal phone.
Many of the enterprises expressed concerned about employees mixing work-related tasks on their mobile devices with social networking, web conferencing, media sharing and other personal activities. For 48 percent of the companies asked, the reverse of consumerisation was true with staff using personal phones for business use, an even greater security headache.
“Employees will want to use their devices, no matter who owns them, for both their work and personal lives,” said Titterington, author of the Corporate Mobile Device Use and Security report. “It is unrealistic to delineate between these uses for employees who are mobile and working out of the office for a large part of their time. That means organisations must establish a holistic security strategy that addresses the consumerisation of this fast-growing channel into corporate networks and data.”
Though strong concerns exist, many of the respondents seem to be relatively cavalier about security. Only 52 percent of organisations said they used some form of authentication for mobile users, and over half of them rely on typically inbuilt protection which uses simple user name and password protection.
Only 18 percent use public key infrastructure (PKI) certificates, just nine percent impose two-factor authentication using one-time passcodes, and a quarter of them use anti-malware.
The research was undertaken on behalf of the European Association for e-Identity and Security (EEMA) in preparation for a co-hosted meeting, with Symantec, of the EEMA UK Regional Interest Group in London next Wednesday.
“For many professionals, the mobile phone has become a mobile office,” said Mike Jones, mobile security specialist at Symantec, “but that doesn’t mean enterprises need to leave themselves vulnerable to data breach, malware and other threats. A layered approach to mobile security allows enterprises to protect themselves, and their users, at every point of access – even before a phone receives a message or data transmission.”
Roger Dean, a director at EEMA, sees the predicament as an “elephant in the room” problem. The business imperative for smartphone implementation, knowing that a security risk exists, is too great to ignore but a lack of understanding on how to combat it drives many businesses to ignore the issue.
“As this new study bears out, putting a smartphone security strategy in place is now a business imperative,” he said. “But how many organisations have the in-house expertise required to develop and implement a mobile strategy that fits seamlessly with their overall security profile?”
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…