WELCOME TO THE CONTINUITY CENTRAL ARCHIVE SITE

Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Risky Business: The State of Mobile Security in the UK

Despite the growing prominence of mobile device use - and the fact that mobile has the potential to be a highly secure platform - businesses and users appear to be cavalier in their attitude toward the application of mobile security in the workplace. New research released by Entrust shows that UK business data is currently at risk as a result of ‘haphazard approaches to keeping mobile devices secure’.

“Even though users may know that a specific mobile device might not be secure, and despite company security policies in place, many users are not adhering to policy,” said Mark Reeves, vice president, International, Entrust. “A high proportion of respondents admitted to losing their device they use for work up to three times in one year, and most are using the simplest form of protection — the PIN lock. Our research also shows that business owners who have the most to lose are among the most reckless.”

The study, ‘Risky Business: The State of Mobile Security in the UK’, identified three types of user approaches to mobile security:

  • Careful: These users consistently apply basic security approaches to protect the data on their mobile devices (74 percent use a PIN lock and never share it with anyone) and they always think about the security of what they are accessing when at work (40 percent). They are also aware of their company’s mobile IT policy and adhere to it (56 percent).
  • Cavalier: These users apply basic security approaches to protect the data on their mobile devices, but freely share their PIN lock with colleagues and/or friends and family members (7 percent). They sometimes think about the security of what they are accessing at work (44 percent) and while they are aware that their company has a mobile IT policy, they do not know what it entails (13 percent).
  • Cantankerous: These users do not apply basic security approaches to protect the data on their mobile devices (19 percent do not use a PIN lock at all) and they rarely or never think about the security of what they are accessing when at work (17 percent). And, while they are aware of their company’s mobile IT policy, they do not adhere to it (13 percent).

The main report findings of the report include:

Personal devices in the workplace are on the rise
52 percent of respondents bring their own mobile device into work and use it for work purposes with 71 percent of 16 to 24-year-olds using their personal mobile at work. This poses a challenge to IT departments that are struggling to put policies and procedures in place to protect corporate data — in particular, when individuals increasingly want the ability to use any device in the corporate environment.

The younger generation is more savvy when it comes to security, but more careless with their mobile devices
76 percent of 16 to 24-year-olds use a password for business-specific apps compared to 58 percent of users 55 years old or older. 27 percent of 25 to 34-year-olds are likely to know if their mobile device had been hacked versus just 17 percent of users 55 years of age or older. However, 37 percent of 16 to 24-year-olds admitted to losing a mobile device up to three times a year.

The majority of users are applying only the most basic of security precautions
81 percent use a PIN lock alone to secure the data on their mobile phones. However, among users 45 or older, 36 percent stated that they did not use a PIN lock at all.

When it comes to securing business apps on the mobile, basic password protection still reigns despite more sophisticated and secure approaches
74 percent are using the simplest form of password to access their business apps, while the use of more sophisticated approaches — such as encryption, voice recognition and face scanner — are low. People are still concerned about encryption because they think that it will be difficult to get their data back.

We do not think about security much at work
60 percent of users think about security sometimes, rarely or never when they are working. Alarmingly, 22 percent of business owners think about security rarely or never.

Users are not aware of or do not adhere to mobile security policies
Despite knowing that their company has an IT policy for mobile devices, 28 percent admit to not adhering to the policy or not being aware of the details.

“The report shows that organizations are increasingly challenged when it comes to properly authenticating both employee-owned and company-issued mobile devices that access corporate systems, data and customer accounts,” said Reeves. “Businesses, however, should not let poor user practice get in the way.

“Organizations need to encourage users to be vigilant, even suspicious, to help keep the mobile environment from becoming a point of entry into corporate networks. Companies should seek to put best practice guidelines in place to turn their cantankerous and cavalier users into careful users.”

The study was carried out by an independent research firm, Opinion Matters, between 29th May 2014 and 3rd June 2014. The survey sampled 504 UK workers.

www.entrust.com

•Date: 14th August 2014 • UK •Type: Article • Topic: ISM


Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.
   

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here