A new international study has revealed corporate and personal mobile devices are rapidly compromising business security in Canada.
Seventy-one per cent of respondents in Canada agreed that the use of mobile devices in the workplace was important to achieving business objectives. But 72% also believe these devices put their organizations at risk – and only half of the organizations surveyed have the security controls needed to address those risks.
In Global Study on Mobility Risks, sponsored by Websense, Inc., the Ponemon Institute found many Canadian organizations had data loss resulting from employee use of insecure mobile devices. Some 58% of respondents said that their organizations had experienced a data breach due to unsecured mobile devices.
When asked to indicate the consequences of mobile data breaches, 34% of respondents said it was disclosure of private or confidential information and 28% said it was theft, removal, or loss of information and/or other resources.
Two-thirds of respondents said their organizations did not have a policy that addressed the acceptable or unacceptable use of mobile devices by employees or they are unsure. Of the 33% who report their organization had a policy, 32% said the policy was not enforced.
Respondents who said there was no enforcement of these policies indicated it was primarily due to lack of governance and oversight (66%) and because other security issues were a priority (50%). Thirty-seven per cent cited insufficient resources to monitor compliance.
Additionally, 45% of respondents reported that Canadian employees circumvented or disengaged security features such as passwords and key locks on their mobile devices.
Fiaaz Walji, Websense’s Canadian country manager, said, “IT has spent years working on desktop security and trying to prevent data loss over web and email channels—but mobile devices are radically changing the game.
“Tablets and iOS devices are replacing corporate laptops as employees bring their own devices to work and access corporate information. These devices open the door to unprecedented loss of sensitive data. IT needs to be concerned about the data that mobile devices access and not the device itself.”
