Billions of Dollars in Security Efforts Rendered Moot

Wednesday, November 17, 2010

Headlines

69dafe8b58066478aea48f3d0f384820

More evidence that convenience trumps security?

A report released by mobile technology vendor iPass reveals that nearly one quarter of employees surveyed admit that they regularly disregard security measures meant to protect sensitive data by accessing corporate networks on non-approved mobile communications devices.

Almost an equal number of those queried indicate they have experienced some form of data loss via mobile devices.

"Un-provisioned smartphones are a significant risk to enterprises. 20% of these mobile employees have experienced a relevant security issue with their smartphone containing business data lost, stolen, infected or hacked," said senior vice-president marketing and product management at iPass Steven Wastie.

The issue is further compounded by the revelation that only one-third of companies have so-called smartphone policies in place.

So, while billions of dollars are spent annually to protect proprietary information on corporate networks, the efforts are being regularly undermined by both a lack of leadership from enterprise security managers and outright laziness on the part of employees.

The problem of convenience trumping security measures is not isolated to the use of mobile devices, as any good security analyst will attest.

Stories abound of employees using non-complex passwords that can be cracked by hackers, or simply writing them down and leaving them where they could easily be discovered.

The problem does not rest on the shoulders of employees alone, as the impetus is on management to create clearly defined security policies and to make the necessary investment in employee education and awareness to ensure the policies have the intended effect.

Source:   http://www.computerweekly.com/Articles/2010/11/16/243964/Third-of-employees-breaching-business-smartphone-policies.htm

Possibly Related Articles:
6587
PDAs/Smart Phones
Data Loss Enterprise Security Mobile Devices Smart Phone Headlines
Post Rating I Like this!
1a7064c205020fd7fd50a987624d2031
Derrick Buxton I think the answer is blocking access to the corporate network from any non approved device.
1293514952
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.