Companies still aren’t ready for the risks of a mobile workforce

Believe it or not, it’s been almost ten years since the iPhone’s introduction. While that wasn’t the first smartphone by any means, it marked a serious change in the IT landscape: Suddenly, mobile devices were everywhere, and company data was on them. 

And according to research by Freeform Dynamics Ltd., many companies are still fretting about mobile threats – and struggling to find ways of limiting them.

In fact one-in-five companies (21%) said they were not well-prepared at all to face mobile threats in the coming years.

The User-Centric finds that the lines between personal and work devices aren’t just blurring, they’re darn-near non-existent. Users reported that they:

  • accessed business emails on personal mobile devices (70%)
  • accessed personal emails on business devices (63%), and
  • more than 40% use BYO cloud services on these devices.

It’s little surprise, then, that the IT pros who support these users had serious misgivings about mobile usage. They feared user-created risk through:

  • lack of knowledge or awareness (70%)
  • mishaps or thoughtlessness (69%)
  • neglect or irresponsibility (55%), and
  • malicious insider activity (12%).

How it happens

Part of the problem with mobile devices is that there’s no single way they can hurt your security. IT pros feared everything from lost or stolen devices (64%) to inadvertent data leaks (64%) and device hacking (38%).

In order to address and prevent these threats, the report highlights two possible routes to take.

1. The human factor

Policies are only good as long as they’re enforceable. And creating enforceable BYOD and mobile policies isn’t easy by a long-shot.

This is a critical part of any mobile security plan. But not every organization treated it as such. Only 65% of companies had mobile policies that dictated what was acceptable, and even fewer (48%) offered training and support for mobile devices.

Education is the most powerful tool for getting users to comply with mobile rules. Behaviors they may not even realize are risky could be causing serious harm.

The key: getting users to see that mobile security is for their own good. While some company data is on those phones, a lot more personal data is.

2. Technological protection

Of course IT usually defaults to a different strategy: working around the human factor altogether in order to limit exposure.

IT pros reported using a variety of tools to protect data on mobile devices. These included:

  • encryption of data on devices (58%)
  • mobile device management (47%)
  • data loss prevention measures (41%)
  • antimalware (39%)
  • whitelisting apps and services (33%), and
  • virtual desktops/workspaces (31%).

These tools can all help prevent mobile breaches without relying on the human factor.

On the other hand, IT seemed pretty skeptical of the ability for security measures to actually be enforced. Survey respondents overwhelmingly (89%) said that users would try to workaround security measures that are too cumbersome.

Ultimately, striking a balance is key. Work to convince users that mobile security is important to them, but be prepared with protection measures in place for the times they make mistakes – or purposely avoid using security measures.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy