While 98 percent of IT professionals are concerned with the potential impact on security that mobile devices can have on the workplace, less than half of respondents are using or plan to use mobile device management or antivirus or malware software to secure and protect devices within the next year, according to a Spiceworks survey sponsored by Samsung.
The study, which was conducted in September and included approximately 300 respondents from the United States from a variety of industries, found that despite growing security risks, budget constraints and a perceived lack of internal concern have led to slow adoption of formal mobile security policies and technology solutions.
Of those that are using or plan to use mobile security software in the next year, 49 percent are turning to mobile device management software and 41 percent are adopting malware and antivirus software specifically designed for mobile offerings.
“Your network’s security is really only as strong as your weakest link, and mobile is just another potential weak spot that companies and IT pros need to watch and plan for,” Peter Tsai, IT content manager for Spiceworks, told eWEEK. “We found that corporate data is on a huge number of mobile devices, especially in the form of email, calendar invites and contacts, which could all contain sensitive information.”
Currently, an average of 55 percent of devices in the workplace are company-owned, 35 percent are employee-owned and 10 percent are employee-owned but company-subsidized, and many IT professionals expect that to shift over the next three years.
More than half (54 percent) of the respondents said they expect an increase in employee-owned devices in the workplace, 47 percent expect an increase in company-owned devices, and 27 percent expect an increase in employee-owned devices that are company-subsidized.
“As employees continue to bring their own devices to work, many expect to be able to stay in touch throughout the day, meaning that companies have to provide at least some form of mobile Internet access, as WiFi is essentially an expected corporate perk these days,” Tsai said. “Doing so potentially opens up new security risks that IT departments will be forced to deal with.”
Employee-owned devices might not have the same level of security that a full company-owned device would, he explained.
“To protect the corporate data that’s on employee devices and to secure access to corporate networks, IT departments need to be vigilant about enforcing mobile security policies, like mandatory passcodes on phones and the right to wipe information off of a phone or tablet if the device is lost,” Tsai said. “This just adds to the workload of IT pros who already have to manage securing more traditional devices on their networks.”
According to the survey, nearly 80 percent of IT professionals support one to two mobile devices per employee.
When asked to specify the types of devices employees are bringing into the workplace, 90 percent of IT professionals said employees are bringing smartphones and 77 percent said employees are bringing tablets.