Partner Article

New Research Shows Cavalier and Cantankerous Attitudes to Mobile Security is Putting UK Business Data at

Despite the growing prominence of mobile device use – and the fact that mobile has the potential to be a highly secure platform – businesses and users appear to be cavalier in their attitude toward the application of mobile security in the workplace. New research released today by Entrust, a leading provider of security solutions, shows that UK business data is currently at risk as a result of haphazard approaches to keeping mobile devices secure.

“Even though users may know that a specific mobile device might not be secure, and despite company security policies in place, many users are not adhering to policy,” said Mark Reeves, vice president, International, Entrust. “A high proportion of respondents admitted to losing their device they use for work up to three times in one year, and most are using the simplest form of protection – the PIN lock. Our research also shows that business owners who have the most to lose are among the most reckless.”

The study, “Risky Business: The State of Mobile Security in the UK’, identified three types of user approaches to mobile security:

Careful: These users consistently apply basic security approaches to protect the data on their mobile devices (74 percent use a PIN lock and never share it with anyone) and they always think about the security of what they are accessing when at work (40 percent). They are also aware of their company’s mobile IT policy and adhere to it (56 percent).

Cavalier: These users apply basic security approaches to protect the data on their mobile devices, but freely share their PIN lock with colleagues and/or friends and family members (7 percent). They sometimes think about the security of what they are accessing at work (44 percent) and while they are aware that their company has a mobile IT policy, they do not know what it entails (13 percent).

Cantankerous: These users do not apply basic security approaches to protect the data on their mobile devices (19 percent do not use a PIN lock at all) and they rarely or never think about the security of what they are accessing when at work (17 percent). And, while they are aware of their company’s mobile IT policy, they do not adhere to it (13 percent).

Main report findings:

Personal devices in the workplace are on the rise

52 percent of respondents bring their own mobile device into work and use it for work purposes with 71 percent of 16- to 24-year-olds using their personal mobile at work. This poses a challenge to IT departments that are struggling to put policies and procedures in place to protect corporate data - in particular, when individuals increasingly want the ability to use any device in the corporate environment.

The younger generation is more savvy when it comes to security, but more careless with their mobile devices

76 percent of 16- to 24-year-olds use a password for business-specific apps compared to 58 percent of users 55 years old or older. 27 percent of 25- to 34-year-olds are likely to know if their mobile device had been hacked versus just 17 percent of 55 plus-year-old or older. However, 37 percent of 16- to 24-year-olds admitted to losing a mobile device up to three times a year.

The majority of users are applying only the most basic of security precautions

81 percent use a PIN lock alone to secure the data on their mobile phones. However, among users 45 or older, 36 percent stated that they did not use a PIN lock at all.

When it comes to securing business apps on the mobile, basic password protection still reigns despite more sophisticated and secure approaches

74 percent are using the simplest form of password to access their business apps, while the use of more sophisticated approaches – such as encryption, voice recognition and face scanner – are low. People are still concerned about encryption because they think that it will be difficult to get their data back.

We do not think about security much at work

60 percent of users think about security sometimes, rarely or never when they are working. Alarmingly, 22 percent of business owners think about security rarely or never.

Users are not aware of or do not adhere to mobile security policies

Despite knowing that their company has an IT policy for mobile devices, 28 percent admit to not adhering to the policy or not being aware of the details.

“The report shows that organisations are increasingly challenged when it comes to properly authenticating both employee-owned and company-issued mobile devices that access corporate systems, data and customer accounts,” added Reeves. “Businesses however should not let poor user practice get in the way. Organisations need to encourage users to be vigilant, even suspicious, to help keep the mobile environment from becoming a point of entry into corporate networks. Companies should seek to put best practice guidelines in place to turn their cantankerous and cavalier users into careful users.”

The study was carried out by an independent research firm, Opinion Matters, between 29th May 2014 and 3rd June 2014. The survey sampled 504 UK workers. To obtain a copy of the full report, Risky Business: The State of Mobile Security in the UK, contact 0118 953 3000.

About Entrust, Part of Datacard Group

Entrust offers software authentication platforms that strengthen security in a wide range of identity and transaction ecosystems. Government agencies, financial institutions and other enterprises rely on Entrust solutions to strengthen trust and reduce complexity for consumers, citizens and employees. Now, as part of Datacard Group, Entrust offers an expanded portfolio of solutions across more than 150 countries. Together, Datacard Group and Entrust issue more than 10 million secure identities every day, manage billions of secure transactions annually and issue a majority of the world’s financial cards. For more information about Entrust solutions, call 0118 953 3000, email entrust@entrust.com or visit www.entrust.com.

This was posted in Bdaily's Members' News section by Mark Reeves, SVP International for Entrust .