Enterprises are leaving themselves vulnerable to mobile phone call interception with less than one in five companies protecting themselves adequately.

A survey by Cellcrypt and ABI Research has revealed that the majority of large and medium businesses are failing to adequately protect themselves against the growing threat of mobile voice call interception, leaving them vulnerable to loss of sensitive and confidential corporate information.

Three-quarters of the surveyed corporations had a security policy covering mobile phone calls, and four out of five IT professionals surveyed believed that mobile phones are equally or more vulnerable to interception than email.

Also, 55 per cent of respondents in IT roles thought that their organisation had implemented mobile voice call encryption solutions, but on further investigation only 18 per cent had actually done so.

The problem was highlighted in August when German hackers announced a project to create a code table that cracked the standard GSM cell phone A5/1 encryption. Then, Cellcrypt CEO Simon Bransfield-Garth claimed that the development was worrying, as it marks a massive lowering of the bar for criminal organisations to illegally tap mobile phone conversations.

Here he claimed that the ‘lack of security is particularly worrying'. He said: “Businesses must plan now for the eventuality that their mobile voice calls will come under increasing attack within the next six months. A ‘policy of hope' towards mobile phone security is not adequate, voice is another data service and should be afforded the same security considerations as email and other corporate communications.”

Stan Schatt, vice president and practice director, healthcare and security at ABI Research, said: “Effective email security has become routine but our research shows most businesses do not apply anything like the same level of robust security to cell phone calls. Companies that do not respond are exposing themselves to attack.

“Equally concerning is that a significant number of people who identified themselves as being responsible for cell phone voice call security incorrectly believe the organisations' mobile calls have been protected when they have not. This perception that they are protected when in reality they are not suggests a serious hole in the information security of many businesses.”