DATA SECURITY – CIOs SAY MOBILE DEVICES ARE TICKING TIME BOMBS FOR DATA BREACHES
Most CIOs believe mobile devices, such as smart phones, are ticking time bombs for data breaches. According to a recent survey by Ovum together with the European Association for e-Identity and Security (EEMA), smart phones increase the business’s vulnerability to attack, and rank data breaches as their top related security concern. Yet half of the organizations surveyed failed to authenticate their employees’ mobile devices, among other basic security measures.
The report, released last month, found employees habitually bring mobile devices to work. Further, 48% of employees are allowed to use mobile devices that they own to connect to corporate systems; 70% of employees using corporate-owned computing devices do so for personal activities; 90% of organizations surveyed provide — or will soon offer — mobile devices to their employees; and most of those organizations said they will use mobile devices such as Blackberry smart phones. (Blackberry has a 37% market share with Apple (24%) and Android (21%) not too far behind).
Mobile device security controls remain a weak point for organizations and are prone to cyber attacks. For example, only half of organizations surveyed use authentication software for their mobile device users. The organizations that use authentication software, about two-thirds, rely on user names and passwords. The more secure method employed by 18% of those surveyed employ public key infrastructure (PKI) certificates. More surprisingly, only 9% employ two-factor authentication with one-time passwords. Another concern, only 1 out of 4 organizations utilizes anti-virus or malware software on its mobile devices.