Mobile data security remains weak
Coalfire surveyed 400 individuals working in a variety of industries across North America who are not affiliated with their company’s IT department. Survey findings show that companies are not taking steps to educate employees on mobile device security to help protect company data.
The increasing popularity of smartphones and tablets underscores the importance of corporate data protection on these devices. Gartner forecasts 2013 tablet shipments to grow 67.9 percent, with shipments reaching 202 million units, while the mobile phone market will grow 4.3 percent, with volume of more than 1.8 billion units.
“We are surprised to see results so similar to last year regarding security on tablets and smartphones, especially considering the attention that has been placed on this issue,” said Rick Dakin, CEO and chief security strategist with Coalfire. “The results demonstrate that businesses are not using effective methods to protect critical infrastructure. Security awareness training for tablet and smartphone users should be a top priority for all organizations.”
Recent developments in the smartphone and tablet market may lighten the load for IT departments. Apple’s iOS7, out today, includes a number of new security measures for lost or stolen devices. However, users must enact protections for them to be effective.
Key findings include:
- Nearly half (47 percent) of users reported they still have no passcode on their mobile device (no change from 2012)
- Most users (86 percent) report using the same smartphone for personal and work tasks (compared to 84 percent last year)
- Nearly a third of users report using a single password for all digital access
- Sixty-one percent write down passwords on a piece of paper
- 47 percent of respondents reported their IT department has not discussed mobile/cyber security awareness or best practices with them
- Forty-four percent reported their company does have a mobile device usage policy
- 33.8 percent of respondents stated their companies do not have the ability to remotely wipe data from mobile devices if they are locked, lost or stolen.