Too Many Employees Unaware of Mobile Device Security Policies

Sue Marquette Poremba
Slide Show

Five Top Mobile Device Risks and How to Protect Your Business

It appears that businesses finally understand the security risks that mobile devices present, since now almost everyone is instituting mobile security policies. That's the good news.


The bad news is that the majority of employees don't know those policies exist. That's the finding of a new study by McAfee and Carnegie Mellon University. The McAfee Mobility and Security Survey interviewed 1500 companies. Other findings include:


  • There is a serious disconnect between policy and reality in the mobile computing environment; both IT directors and users are unhappy.
  • Lost and stolen mobile devices are seen as the greatest security concern in the mobile computing environment among consumers and IT professionals.
  • Although the need for mitigating mobile security risks and threats is acknowledged, risky behaviors and weak security postures are commonplace.


The survey also pointed out a prime reason why it is so important that employers educate and enforce their mobile security policies:


  • Almost half of organizations surveyed are at least very reliant on mobile devices, with 31 percent saying they were "very reliant," and 18 percent saying they were "extremely reliant."
  • Almost seven in 10 organizations are more reliant on mobile devices now than they were 12 months ago. More than half (51 percent) said that has changed somewhat, while 18 percent said things have "drastically changed."


Not only are people reliant on their mobile devices, they are downloading a lot of apps and the line between professional and personal use continues to blur. And McAfee's own 2011 threat prediction stated, according to the survey:

Attacks against mobile devices - including iPhones, Android devices, and more - will escalate in 2011 as criminals seek to tap into fragile cellular infrastructure' to access often unencrypted business and corporate communications. As mobile devices are increasingly commonplace in corporate and enterprise environments, there are more ways for trade secrets and other critical information to escape into the wild - and McAfee believes cybercriminals will increasingly be looking for it.

So what might help improve mobile security for these business devices? Perhaps location software, but if the data is already stolen, locating the device isn't your biggest problem anymore. The survey suggested several ideas, which just so happen to fall into my regular talking points: Educate your employees of security policy, secure the device with the technologies available and be aware of the threats that are out there.

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Add Comment      Leave a comment on this blog post
Jun 13, 2011 11:06 AM jessica moore jessica moore  says:

Security attack is burgeoning nowadays because application security is now comprised, and everybody is affected. Somewhere along the line, individuals assumed their private information is protected. To add, now a research by computer security firm via Forensics has clued the tech world into a nasty fact: Mobile applications by LinkedIn, Netflix, and Square place delicate, unencrypted information in a basic text file on your mobile machine. These files could be easy pickings for the unethical hackers of the world. I read this here: Study: Major mobile apps compromise your personal data, newstype.com. I guess everybody must be aware of this fact even the employees.

Aug 23, 2011 4:06 PM Octavian Paler Octavian Paler  says:

The world is going mobile faster than anyone thought it would, and mobile phone security is on the front burner. With the right policies in place, employees can take advantage of powerful and secure smart phones to become more productive away from the office with the proper antivirus security software installed. Most importantly, IT departments need to state clearly that they can confiscate personal mobile phones in the event of a legitimate investigation.


Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.