Although almost a quarter of consumers (22%) have lost a mobile phone in the past, and a further 12% have had a phone stolen, 67% don’t have passwords set up on their mobile phones to protect stored data, according to Sophos.
60% of those surveyed acknowledged that device theft or loss was the biggest security threat to mobile devices, however only 57% have password protection enabled even on their laptops, with 18% admitting to using the same password for everything.
As well as affecting an individual’s data, lost mobile devices are also a growing issue for businesses since increasingly we are using the one device for both work and personal.
In fact, users are one of the biggest weak spots in an organisation’s security, making education a key focus for IT managers. To help businesses educate their employees on the threats associated with mobile technology, Sophos has launched a free mobile security toolkit containing top tips for users for creating secure passcodes, a user-targeted video and presentation, whitepapers and a sample security policy.
“More and more people are using personal laptops, smartphones and tablets when they’re working remotely. While this helps to improve productivity and innovation in a business, it is essential to address the security and operational issues relating to mobile devices now, rather than getting caught out later,” said James Lyne, director of technology strategy at Sophos.
“If an employee’s unprotected personal laptop falls into the wrong hands, it can be easy for someone to access not just personal information, but any work related documents saved on the laptop’s hard drive, or even to use the laptop as a way to gain access to the corporate network.”
Mobile devices have revolutionised the way we access, store and transport information. In order to manage the increased risk of data loss that this presents, companies must adopt wide platform support to cover the vast range of operating systems that are used to access corporate information.
The proliferation of smartphones and tablets, and the variation in operating systems that these devices use, means that the potential attack surface is greater than ever before. Businesses therefore have to ensure that a policy is in place to protect corporate data, regardless of the devices being used to access it.
“Most data breaches on mobile devices are typically due to basic security failures such as weak or no passwords being in place, failure to encrypt data or falling victim to phishing or other social engineering attacks,” continued Lyne. “If devices are used for business, it’s important that IT teams get the basics under control. By making sure that they can purge devices when they go missing, businesses can both minimise the risk of data loss and can also satisfy regulators.”