Firms worried over mobile devices' risks
Dubai , November 28, 2010
Enterprises are increasingly concerned about the potential security risks mobile devices pose to corporate networks and data, especially as employees use the same device for both work and personal activities, according to a new study.
The study was conducted by independent technology analyst, Ovum, and the European Association for e-Identity and Security (EEMA).
The study also revealed the need for a layered approach to creating a holistic enterprise security strategy.
According to “Corporate mobile device use and security,” an Ovum Best Practice report, nine of 10 organisations either provide, or soon will provide, mobile devices for employee use, with BlackBerry smartphones outnumbering all other devices.
The report also finds enterprises trying to manage the consumerisation of mobile IT.
'Seventy per cent of employees say they are allowed to use their corporate devices for personal activities. A smaller but still significant number of workers - 48 per cent – say they can use their personally owned mobile devices to connect to corporate systems.'
Still, many enterprises are concerned about employees’ mixing work-related tasks on their mobile devices with social networking, web conferencing, media sharing and other personal activities.
Eight of 10 respondents believe smartphones expose their business to attack, with data leakage cited as the top security concern, the study added.
'Employees will want to use their devices, no matter who owns them, for both their work and personal lives,” said Graham Titterington, a principal analyst at Ovum and author of the report.
“It is unrealistic to delineate between these uses for employees who are mobile and working out of the office for a large part of their time. That means organisations must establish a holistic security strategy that addresses the consumerisation of this fast-growing channel into corporate networks and data.”
Yet the survey found protection to be spotty. Among the 52 per cent of organisations that use some form of authentication for mobile users, 62 per cent rely on simple user name and password sign-on.
Only 18 per cent use Public Key Infrastructure (PKI) certificates, and just nine percent utilise two-factor authentication featuring one-time passwords. One quarter use anti-virus and anti-malware solutions.
“For many professionals, the mobile phone has become a mobile office,” said Johnny Karam, regional director of Mena, Symantec.
'But that doesn’t mean enterprises need to leave themselves vulnerable to data breach, malware and other threats. A layered approach to mobile security allows enterprises to protect themselves and their users at every point of access, even before a phone receives a message or data transmission,' he noted.
The survey comes just weeks after Symantec had announced a major update to its mobile security and management strategy.
Symantec’s broad offering of enterprise mobile solutions helps organisations embrace the consumerisation of IT by allowing users to select the devices of choice while enforcing governance, securing corporate data and gaining visibility and control of all mobile platforms including the iPad, iPhone, Android, Blackberry and others.-TradeArabia News Service