Mark Reeves, vice president of Entrust, explains that even though users may know that a specific mobile device might not be secure, and despite company security policies in place, many users are not adhering to policy. A high proportion of respondents admitted to losing their device they use for work up to three times in one year, and most are using the simplest form of protection the PIN lock,” he said. “Our research also shows that business owners who have the most to lose are among the most reckless.
Personal devices in the workplace are on the rise
Some 52 per cent of respondents bring their own mobile device into work and use it for work purposes, with 71 per cent of 16 to 24-year-olds using their personal mobile at work. This poses a challenge to IT departments that are struggling to put policies and procedures in place to protect corporate data in particular, when individuals increasingly want the ability to use any device in the corporate environment.
The younger generation is more savvy when it comes to security, but more careless with their mobile devices
Encouragingly, 76 percent of 16 to 24-year-olds use a password for business-specific apps, with 58 per cent of users 55 years old or older doing the same. Shockingly, however, 27 per cent of 25 to 34-year-olds are likely to know if their mobile device had been hacked versus just 17 per cent of users 55 years of age or older. However, 37 per cent of 16 to 24-year-olds admitted to losing a mobile device up to three times a year.
The majority of users are applying only the most basic of security precautions
81 per cent use a PIN lock alone to secure the data on their mobile phones. However, among users 45 or older, 36 per cent stated that they did not use a PIN lock at all.
When it comes to securing business apps on the mobile, basic password protection still reigns despite more sophisticated and secure approaches, as 74 per cent admitted to using the simplest form of password to access their business apps. People are still concerned about encryption because they think that it will be difficult to get their data back.
We do not think about security much at work
Furthermore, 60 per cent of users think about security “sometimes”, “rarely” or “never” when they are working.
Users are not aware of or do not adhere to mobile security policies
Despite knowing that their company has an IT policy for mobile devices, 28 per cent admit to not adhering to the policy or not being aware of the details.
The report shows that organisations are increasingly challenged when it comes to properly authenticating both employee-owned and company-issued mobile devices that access corporate systems, data and customer accounts,” said Reeves. Businesses, however, should not let poor user practice get in the way.
Organisations need to encourage users to be vigilant, even suspicious, to help keep the mobile environment from becoming a point of entry into corporate networks. Companies should seek to put best practice guidelines in place to turn their cantankerous and cavalier users into careful users.