- More porn sneaks onto the iPhone
- 'Swatting' case shows need to ban caller-ID spoofing
- Why the iPhone can't be "killed"
- Nortel enterprise chief wants to bring back Bay
- US sets final emergency responder wireless pilot
Despite highly publicized data breaches, mobile workers still endanger company data with risky behaviors, according to a new survey.
The Web questionnaire of 893 U.S. IT professionals, taken earlier in fall, found that mobile workers, including the IT professionals surveyed, are not following even simple data security procedures and are surprisingly ignorant or uncertain about what, if any, mobile security policies exist.
Yet perhaps more ominous is the fact that company mobile security policies are non-existent, ignored or are not enforced.
The study asked a sample of mainly U.S. IT professionals, in a range of company sizes and industries, about seven data security practices, by them and by their co-workers. The practices were:
• Copying company data to a USB memory stick.
• Accessing Web e-mail accounts from company computers.
• Losing or having stolen a mobile device with company data.
• Downloading personal software, such as an MP3 player, to a company computer.
• Sending business documents from your company e-mail to personal e-mail address.
• Turning off company security settings.
• Sharing passwords with coworkers.
The survey was created by the Ponemon Institute, a research firm specializing in privacy and information management. The Web questionnaire drew responses from 893 self-identified IT professionals, from a total random sampling of just more than 15,000 adults. The study was sponsored by RedCannon Security, a vendor of mobile access security applications for the enterprise. The latest results track with an earlier Ponemon study on “off-network security”.
The report notes that this type of survey has several inherent limitations or potential biases that should make readers cautious about drawing inferences from the data. For example, “it is always possible that individuals who did not participate are substantially different in terms of underlying beliefs from those who completed the instructions.” The accuracy of responses can also be affected by the degree to which the sample list is representative of individuals who are IT executives, and by external variables such as media coverage. Still another variable is whether respondents were truthful in their answers.
Even with these caveats, the survey results are troubling.
The Leader in Network Knowledge
Comment