UK businesses falling behind on mobile security
Hackers focus on stealing money, especially via mobiles
Smartphones and tablets are flooding the workplace, but users appear to dismiss the security of these devices.
That is the key finding from new research from identity-based security solutions company Entrust, which looked into mobile security in the workplace in a study called ‘Risky Business: The State of Mobile Security in the UK'. Findings showed UK business owners can be careless of mobile security, putting personal and business data at risk.
Three types of users were identified in the study. Careful users applied basic security to data using a PIN lock. They always thought about the security of the data they were using; and constantly abide by their company's mobile IT policy. Cavalier users applied basic security to data, but shared their PIN with family members and colleagues, whilst sometimes thinking about the security of the data used, and they didn't know what their company's mobile IT policy requires. Those labelled as cantankerous didn't apply security approaches to their data, with some not having a PIN lock. The study further indicated that users rarely thought about the security of the data being used, and didn't comply to the company's mobile IT policy.
It was also found that personal mobile devices are being used more in the workplace, with 52 percent of employees using their own devices for work purposes. This challenges IT departments to put policies in place to protect company data.
The majority of those bringing their own devices into work are 16 to 24 year olds; who despite losing their devices up to three times a year, have been named more ‘tech savvy' than older employees. A large percentage of 16 to 24 year olds compared to older employees use passwords for business-specific apps, and are likely to know when their device has been hacked. However, when securing business apps on mobiles, even the ‘tech savvy' prefer basic password protection to more sophisticated means of security, such as encryption - possibly because of concern that it may be difficult to retrieve data.