How Secure is that mobile device?

Real-life study focused on SMB's shows most companies have incomplete security practices when it comes to using mobile devices with company networks.

February 21, 2012

Mobilisafe, a Seattle-based mobile security company, has announced interim results of its small and midsized business (SMB) focused beta study. SMB participants evaluated a product that provides visibility to all mobile devices accessing their company’s network. Over the course of 3 months, Mobilisafe mapped more than 38 million employee mobile device connections that provided key data for their analysis and interim results. This analysis has uncovered several startling insights:

• The majority of SMB’s are highly mobilized, driven by the bring-your-own-device (BYOD) trend of recent years
• SMB IT managers significantly underestimate the quantity and kinds of mobile devices connecting to their network
• SMB IT departments lack solutions to map their corporate standard for information security used with laptops, desktops, and servers to mobile devices. For example, they have tremendous difficulty determining if mobile devices are up-to-date with the latest firmware, and
• Even though there are serious concerns about data risk on mobile devices, SMBs do not feel they have adequate tools to determine those risks and respond to them.

This lack of visibility to mobile devices and their usage can have serious consequences, especially when employee-owned devices are lost, stolen, or resold to others outside the company. The accelerating adoption of smart devices and growing number of available products is creating a large reseller market for replaced devices. For example, Motorola recently announced that refurbished Xoom tablets were accidentally sold with data such as passwords still on the device. Incredibly, half of mobile devices sold on eBay still contain personal information on them.

Some key data from the study:

• On average, >80% of employees are already using smartphones and tablets
• A new device model was introduced to a company for every 6.6 employees
• 56% of iOS devices were running out-of-date firmware, and
• 39% of total authenticated devices were inactive >30 days, prompting concerns and conversations with employees about lost, sold, or otherwise misplaced devices with employee credentials and sensitive corporate data.

"We know that SMB IT departments are severely resource constrained, and do not have the time to get ahead of the issues introduced by an increasing diversity of devices brought to work by employees,” said Giri Sreenivas, CEO, Mobilisafe. “This study confirms the severity of the issues, and the need for a solution that makes it simple to see, assess, and respond to these risks."

www.mobilisafe.com

Edited by Peter Welander, pwelander@cfemedia.com

Visit the Control Engineering Information Control Channel.