Data loss from mobile devices highest in Canada
Phones, laptops common at work but security features and policies less so, survey finds
Canada and Italy suffer the greatest data loss from smartphones and other mobile devices in the workplace, according to survey of IT professionals in 12 countries.
The survey, called the Global Study on Mobility Risks, found that 58 per cent of several hundred IT and data security professionals surveyed in Canada and Italy reported workplace data losses and security breaches linked to the use of unsecured mobile devices.
The survey, conducted by the Ponemon Institute for the data protection company Websense, includes responses from more than 4,600 IT and data security professionals in a dozen countries, including Canada, the United States, India and the United Kingdom. The institute says it does not typically calculate the margin of error for such surveys.
Survey respondents had been in the business an average of 10 years, and more than 40 per cent are at companies with more than 5,000 employees.
The survey defined mobile devices as laptops, smartphones, USB keys and tablets. Both the bring-your-own-device phenomenon, whereby workers opt to use their own gear for work, and company-provided mobile work tools offer opportunities for data leakage, said Fiaaz Walji, Canadian country manager for Websense.
"When you add the fact that these mobile devices have cloud-based applications, free access to social sites, and a lot of them carry sensitive data on them, the security risk has just skyrocketed," said Walji.
Out of 421 Canadian IT professionals surveyed:
- 62 per cent said that there has been an increase in malware infections due to the mobile devices in the past year; another third were unsure.
- 34 per cent said data breaches had to do with confidential information.
- 50 per cent of organizations said they require specific security settings, but only six per cent said all employees are compliant.
- 45 per cent said employees circumvent or turn off passwords, key locks and other security features.
- 33 per cent surveyed said their organization does not have a policy to deal with use of mobile devices; another 34 per cent said they did not know if their organization had one or not.
Using stationary computers only is not considered an option, with 71 per cent of respondents saying mobile devices are essential. Still, 72 per cent say mobile devices are risky.
Walji advises companies to update and enforce mobile device policies. Sample policies include using passcode locks that stay on at all times or using an online drop-box for mobile access to sensitive documents.