Skip to main content

Smartphones Outweigh Laptops When It Comes To Security, Says Survey

With the wide-scale adoption of smartphones within organisations, a staggering 94% of IT Security professionals believe that these devices pose more of a security risk to companies than mobile storage devices (88%) and laptops (79%).

That’s the stark warning unearthed in a survey released today by Data Specialists Credant Technologies carried out amongst 300 senior IT professionals.

In fact, over half of the security conscious respondents (56%) surprisingly confessed to ‘not bothering’ to use a password every time they used their own mobile/smartphone – the most basic security precaution and often the first line in defence.

Billions are being spent on information security yet companies are leaving their back doors and windows wide open by allowing uncontrolled devices access risking sabotage, hacking and exploitation.

The issue is that, unlike corporate laptops, the majority of these rogue devices are personally owned yet they are still being granted access to the corporate network without additional security (91%) or restrictions (81%) applied. Fundamentally it’s a case of the owner being ignorant to the risk posed by their actions.

In reality, these devices are easy pickings for an opportunist who gets their hands on one, if lost or stolen, and with a little bit of knowledge could then use the information stored on it to take over the ID of the legitimate owner and gain access to the network!

The reality of such a breach will make headline news causing financial implications, embarrassment, brand damage and even customer erosion – it’s only a matter of time before the first violation involving a smartphone is reported.

The underlying issue is overlooking the risk posed by insecure end-points and mobile devices with little or no controls in place to contain them.

Organisations are obliged to have security policies as part of their regulatory compliance yet an incredible 71% do not cover the use of mobile/smartphones with 68% choosing to ignore USBs/MP3s and other storage devices - almost entirely and blissfully overlooking the security implications.

88% of the people surveyed think that mobile storage devices are a security risk, with this figure increasing to 94% for companies employing more than 1,000 people, so surely its time for their inclusion in the security policy – it’s the very least that should be done. Ignorance can no longer be used as an excuse.

Perhaps the most startling figure in this research is that 79% of respondents still feel that laptops pose a security risk.

This is evident in the number of organisations having to hold their hands up to having had an unprotected device lost or stolen as was the case for Nationwide, HMRC and Bank of Ireland to name just a few in recent months.

40% of those surveyed confirm that data contained on their laptops is encrypted but that still leaves a further 60% who believe that their information isn’t worth protecting – let’s hope they’re not proved wrong.

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.