Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Smartphone weaknesses eclipse laptop lethargy

Credant Technologies : 02 June, 2008  (Technical Article)
Startling results of survey amongst IT professionals reveals lax approach to mobile endpoint security and significant security weaknesses in corporate smartphone deployments
With the wide-scale adoption of smartphones within organisations, a staggering 94% of IT Security professionals believe that these devices pose more of a security risk to companies than mobile storage devices (88%) and laptops (79%). That's the stark warning unearthed in a survey released by Credant Technologies, the market leader in endpoint data protection solutions, carried out amongst 300 senior IT professionals. In fact, over half of the security conscious respondents (56%) surprisingly confessed to 'not bothering' to use a password every time they used their own mobile/smartphone - the most basic security precaution and often the first line in defence. Billions is being spent on information security yet companies are leaving their back doors and windows wide open by allowing uncontrolled devices access risking sabotage, hacking and exploitation.

The issue is that, unlike corporate laptops, the majority of these rogue devices are personally owned yet they are still being granted access to the corporate network without additional security (91%) or restrictions (81%) applied. Fundamentally it's a case of the owner being ignorant to the risk posed by their actions. In reality, these devices are easy pickings for an opportunist who gets their hands on one, if lost or stolen, and with a little bit of knowledge could then use the information stored on it to take over the ID of the legitimate owner and gain access to the network! The reality of such a breach will make headline news causing financial implications, embarrassment, brand damage and even customer erosion - it's only a matter of time before the first violation involving a smartphone is reported.

The underlying issue is overlooking the risk posed by insecure end-points and mobile devices with little or no controls in place to contain them. Organisations are obliged to have security policies as part of their regulatory compliance yet an incredible 71% do not cover the use of mobile/smartphones with 68% choosing to ignore USBs/MP3s and other storage devices - almost entirely and blissfully overlooking the security implications. 88% of the people surveyed think that mobile storage devices are a security risk, with this figure increasing to 94% for companies employing more than 1,000 people, so surely its time for their inclusion in the security policy - it's the very least that should be done. Ignorance can no longer be used as an excuse.

Perhaps the most startling figure in this research is that 79% of respondents still feel that laptops pose a security risk. This is evident in the number of organisations having to hold their hands up to having had an unprotected device lost or stolen as was the case for Nationwide, HMRC and Bank of Ireland to name just a few in recent months. 40% of those surveyed confirm that data contained on their laptops is encrypted but that still leaves a further 60% who believe that their information isn't worth protecting - let's hope they're not proved wrong.

"I'm really shocked by the results of this survey, especially given the current security climate and the level of knowledge of the sample, that this practice goes on in organisations today!" remarked Peter Mitteregger, European Vice President for Credant Technologies. "Companies need to regain control of these devices, and the data that they are carrying, or risk finding their investment in securing the enterprise misplaced and woefully inadequate. Cost effective solutions exist to mitigate the risks posed by these endpoints after all, there's no point employing leading technology to secure the front door if the back door's left wide open!"
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo