08
magazine
www.binfo.co.uk
agenda
Senior IT managers are caving in to employee
demands for the latest mobile technology,
despite serious misgivings about the use of
employee-owned devices in the workplace.
A Dimension Data survey of 200 IT business
decision-makers in UK organisations with
more than 500 employees found that 84%
of CIOs and IT managers believe that user-
owned devices, such as iPads, tablets, laptops
and smartphones, represent a signifcant and
growing security risk. Even so, more than half
(51%) allow employees to use such devices for
work.
Moreover, of those who do allow user-
owned devices, 39% do not use encryption, a
fundamental IT security measure to protect
corporate data.
Opening up corporate data to support
mobility represents another risk that many
businesses are failing to address, with 17%
of organisations that support remote or
mobile working neglecting to install anti-virus
protection on mobile devices: one third don’t
have any anti-spam protection.
Chris Jenkins, Security Solutions Line of
Business Manager at Dimension Data UK, said:
“Our study shows that the biggest cause of data
loss is via accidental loss by employees. If you
allow employees to connect their own devices
to the corporate network, you have to accept
that company data will be stored on them
when the user leaves the premises. High-value
smartphones, laptops and tablets are prime
targets for thieves and can be compromised
by malware, potentially making it easier for
attackers to steal logon credentials, account
details or commercially sensitive information.
Unless you have plans to protect data against
this threat, by using security measures such as
encryption, you’re risking accidental or even
malicious losses.”
Dimension Data warns that even if a
business doesn’t allow user-owned devices in
the workplace it is likely to have the same data
security challenges, as employees are bringing
their own gadgets to work regardless. A recent
global study by Unisys found that 95% of
respondents use at least one self-purchased
device for work.
“Completely unmanaged mobile devices
connecting to the corporate network are
obviously a greater security risk than sanctioned,
managed devices so their growing presence at
work makes this issue even more critical,” said
Jenkins.
“The challenge is to secure data when the
network is increasingly porous and workers,
suppliers, partners and so on are taking the
business equivalent of the crown jewels out of
the tower on a daily basis, using an increasing
variety of devices.”
www.dimensiondata.com
iPad users work longer
iPad owners who use their devices for business
say they have spent 10% more time working
since they got their iPad, according to Seven’s
latest
Generation i
survey. Over a third (35%)
use the device when commuting and 40%
use it when travelling for business. Seven’s
fndings are echoed by a recent YouGov survey
for Citrix Online, which found that small
companies that have integrated the use of
personal communications devices, such as iPads
and iPhones, into their business are achieving
productivity increases of 30% or more. One
third of businesses have recorded productivity
improvements of 10%, with 11% citing savings
of more than 30%.
Civil servants have reservations
Four out of fve UK civil servants are concerned about the use of personal smartphones in the
workplace, while more than two thirds (68%) think that personal laptops raise IT security risks,
according to a survey by Dods for IT security frm Sophos.
A separate Sophos survey of consumer attitudes to IT consumerisation validates these misgivings,
with 48% of respondents admitting that they didn’t consider security issues when using mobile
technologies.
Ollie Hart, Sophos’s head of public sector business, said: “People need to start applying the same
security principles to their personal devices as they do to their work equipment, especially if they’re
bringing smartphones and laptops into the work place. All devices should have security features
enabled, such as passcode protection and encryption, in case mobile devices are lost or stolen.”
Fewer than one in four IT professionals
(23%) believe that the benefts of
employees using personal devices for
work activities outweigh the risk to the
enterprise, according to the
2011 ISACA IT
Risk/Reward Barometer
.
A survey of 2,765 of its members by the
global IT association ISACA found widespread
opposition to the BYOD (bring your own
device) trend, which allows employees to take
advantage of more powerful and affordable
mobile devices.
In the UK, 61% of respondents believe
that any employee-owned mobile device
poses a greater risk to the enterprise than
company-supplied devices.
Almost half (48%) said that the main risk
presented by personal devices with access
to the corporate network was the storage
of company data in an unsecured manner,
followed by loss of devices (26%).
More than 8 out of 10 respondents said
their organisation had a security policy in
place for mobile computing – although
31% admit their policy needs updating or
communicating.
www.isaca.org/risk-reward-barometer
Employees set IT agenda in the workplace
Risks of IT consumersation
outweigh benefts
Only 4% of smartphones and tablets are
protected with third party security software,
according to a new report from Juniper
Research,
Securing & Protecting a Mobile
Future
. However, the increasing extent to which
personal and corporate data is stored on mobile
devices, plus growing use of smartphones like
the new BlackBerry Bold 9900/9330 – RIM’s
frst NFC device for contactless payments –
to pay for goods and services, are expected to
create a $3.6 billion opportunity for mobile
security software providers. By 2016, Juniper
Research expects 277 million mobile devices to
have some kind of protection installed.
www.juniperresearch.com