Organisations claim to be more capable of managing mobile devices but almost two-thirds allow their users to store company information on unencrypted smartphone devices.
In its 2010 mSecurity Survey, Goode Intelligence, a specialist provider of information security and mobile commerce research and analysis, found that 68 per cent of information security professionals felt that their awareness level regarding mobile security is adequate, up from only ten per cent this time last year. However overall general awareness has not improved, with 68 per cent stating that they felt that there was no general (end-user/employee) awareness for mobile security.
Alan Goode, managing director of Goode Intelligence, said: “This is certainly an area of concern for information security professionals that needs to be addressed. While the security community has educated itself there is still a lack of awareness amongst end-users. A number of organisations are still failing to implement mobile security policies and even more disturbingly, a significant number allow employees to store company information on their SMDs, including email, without encryption. This is a serious issue for those attempting to control data loss in an organisation.”
The report, which is available to purchase from tomorrow, also found that 64 per cent of organisations allow users to store potentially confidential information to unsecure devices. A further 44 per cent of the organisations surveyed do not have a documented, specific security policy for mobile phone use.
“Smartphones and tablet computers are having a transformational effect on the way that an organisation does business and manages information. They have exploded into organisations around the world and there is enormous pressure on information security and IT functions to business-enable these ‘consumer' devices," said Goode.
“There is a big question over whether information security professionals can keep up with the pace of change currently seen with smart mobile devices and if they can manage the risks associated with them. In 2009 the iPad did not exist yet just one year later our survey shows that some 40 per cent of organisations are seeing iPad adoption, this is a remarkable figure and quite possibly unprecedented.”