When asked about appropriate penalties if they leak or lose company data, one-quarter (25.2 percent) of American enterprise workers surveyed by Absolute Software said there should be no punishment since data security is not their responsibility.
The survey, which focused on the state of bring-your-own-device (BYOD) policies within organizations and the current sentiment of workers regarding responsibility and compliance for corporate data contained on mobile devices, found more than one-third (35 percent) of respondents who had lost their mobile phones stated that they did not change their security habits afterwards.
While 75 percent of respondents felt that they should face some penalty if they lost corporate data, many of those who had lost a device with work data on it said their punishment ranged from “nothing” (34 percent) to simply having to replace the device (30 percent) or getting a “talking to,” but nothing else (21 percent).
“If firms don’t set clear policies that reflect the priority of corporate data security, they can’t expect employees to make it a priority on their own,” Tim Williams, mobile enterprise data expert and director of product management at Absolute Software, said in a statement.
Nearly two-thirds (59 percent) of enterprise mobile users estimated their corporate data to be worth less than $500, and 10 percent of respondents indicated that their employer is not looking to introduce a procedure for the loss or theft of work devices.
About one-quarter (23 percent) of respondents indicated that they do not know their company’s procedure for dealing with work device loss or theft.
The majority of respondents (86 percent) reported they have never lost a work phone. Of those who have, the majority (81 percent) reported being quick to realize it was lost.
The report also noted the lax attitude of workers towards securing mobile devices and the data they contain, even after device loss or theft, could place enterprises and their sensitive data in a vulnerable position.
“The data may be carried around in the employee’s pocket, but the half million dollar fines we’ve seen levied due to data loss come out of the company’s pocket,” Williams continued. “Clear policies, properly articulated to employees, will ensure that the entire company, not just IT, unites against mobile data loss.”
Nearly three-quarters (71 percent) of respondents feel that at least some of their data on their work phone is for their eyes only, and most (94 percent) respondents feel at least some portion of their work phone data is replaceable, and one-third (35 percent) feel that everything on their phone is replaceable.
Email and contacts emerge as the most important information stored on a work phone, with four in 10 respondents ranking them in the top three. Personal and work contacts are rated equally important. Login details for work are also ranked as important by about one-third (36 percent) of respondents, the survey found.