Even security professionals are weak on mobile security

A small, and arguably statistically insignificant survey of security professionals taken at Infosecurity Europe shows that a surprising number of security professionals have weak personal security regimes for their own mobile devices, despite using them for work 

  • 10 years ago Posted in

A flash poll conducted at Infosecurity Europe, has identified an important trend in the way professionals of all types are coming to rely on the use of third party apps on mobiles and tablets to help manage and perform their jobs.

It must be assumed that the results of the poll cover all professionals, if only because it specifically covered usage pattern by security professionals who, one would assume, should be pretty sure of what they are doing. The evidence of that however, is not as clear cut as might be thought. Indeed, if the percentage of security professionals  who have sloppy security personal practices is spread across all business professionals, then many users may face a significant security problem.

The poll was conducted by Centrify Corporation, which specialises in unified identity services across datacentre, cloud and mobile environments. Surveying visitors to its stand during Infosecurity, it found that 94 percent of IT security professionals use third party applications on their mobile devices for work, with 82 percent using up to 10 apps.

“Applications are now at the heart of corporate IT and have become a vital part of how employees get the job done whilst either in the office or on the move,” Darren Gross, EMEA Director, Centrify said. “Removing access to applications isn't an option - in fact it would create more problems than it would solve. But the risk for organisations is that the more cloud-based or mobile apps employees interact with, the more they create islands of identity that become harder for IT to track and manage.

“How do you authorise access for thousands of employees across multiple devices and platforms? Let alone de-provision them when they leave the company. “Identity and access can often be overlooked, but unless enterprises can find a unified way to securely identify individuals, they risk their business coming to a shuddering halt.”  

The 169 people surveyed may not be considered overly significant, statistically, but they did collectively highlight another issue. Despite being security professionals, a surprising number were also obviously quite sloppy in their own security management regimes with regard to their mobile devices.

Dor example, 7 percent do not believe it is their responsibility to protect corporate information held on their personal device. A further 8 percent do not have a password or PIN enabled on the mobile device that they use for work purposes, potentially exposing organisations to risk.

Even more surprising, despite repeated warnings about the risks posed by WiFi networks, 52 percent of respondents said that they have accessed sensitive corporate information over unsecure networks at locations such as a coffee shop or airport.

“As the poll shows,” Gross observed, “the majority of employees are now leveraging more and more applications on their mobile devices. We are now seeing a greater need than ever for unified security identity across multiple devices and platforms, which is why we have created a full suite of solutions – not only to bring security awareness to the enterprise but also provide the best-in-class tools to reliably protect a firm’s personal data and applications from identity-related risks and attacks.”
 

New state-of-the-art data centre features Vultr’s first AMD GPU supercompute cluster.
Only a quarter (25%) think their approach to the cloud is carefully considered and successful.
Moving to AWS Cloud will enable The Co-operative Bank to adopt cutting edge IT Infrastructure.
The global airline group will upgrade the value of its data and get its AI & generative AI ready...
Barracuda Networks’s award-winning Email Protection and Cloud Backup security solutions will be...
Leading company in renewables to leverage HPE’s unique turnkey AI infrastructure solution to...
The four-year project extension focuses on cloud transformation and enhanced operational efficiency...
Businesses in the UK are risking slower development as they fail to fully embrace technologies that...