Sophos research reveals CIO concerns over mobile data security
March 2012 by Sophos
A survey by Vanson Bourne for IT security and data protection company Sophos has revealed that UK CIOs and IT managers are increasingly concerned about data protection on mobile devices. Three quarters of those surveyed have had to deal with lost or stolen corporate devices, with half of the respondents acknowledging that less than ten percent of devices are ever recovered.
Other findings from the research include:
46% of those surveyed allow or encourage the use of personal mobile devices for work
Only 55% of those allowing personal mobiles in the work place have password policies in place
41% of enterprises do not have a separate budget for mobile device security
As smartphones and tablets become more sophisticated and their functionality increases, business use becomes more appealing, both in terms of increasing productivity and, if privately owned by employees, in lowering IT hardware spend. However, only 24 percent of those surveyed stated that they would feel very secure about the data contained on a mobile device if it was lost or stolen.
The fact that 15 percent of respondents answered that they believe device theft or loss is the biggest threat to their corporate network highlights the scale of this concern still further. In its predictions for 2012 and beyond, industry analyst firm Gartner has forecast that at least 50 percent of enterprise email users will rely primarily on an in-the-browser, tablet or mobile client, instead of the traditional desktop.
“It seems that businesses are eager to embrace the benefits of mobile technologies and the positive impact they can have on operations, but many have not yet got to grips with the security issues that come as a result,” said Matthias Pankert, VP of product management data protection at Sophos. “The survey findings demonstrate that set procedures and agreement over corporate usage are still lacking. Businesses and their IT departments should work towards an environment that encourages productive practices, but also define rules that protect both the individual and organisation against the inherent risks.”