TORONTO – Canada has topped a survey on mobile data loss, with 58% of the Canadian organizations that took part saying that they experienced data loss resulting from employee use of unsecured mobile devices.
The survey, conducted by the Ponemon Institute and sponsored by content security provider Websense Inc., defines laptops, smart phones, USB devices, and tablets as mobile devices. Canada and Italy ranked the highest out of the 12 countries surveyed for mobile data loss.
Designed to help IT security professionals plan for an increasingly mobile workforce, the research also found that organizations often don't know how and what data is leaving their networks through non-secure mobile devices. It noted that traditional static security solutions such as antivirus (AV), firewalls, and passwords are not effective at stopping advanced malware and data theft from malicious or negligent insiders.
Other key findings from the survey include:
– 45% of respondents report that employees circumvent or disengage security features, such as passwords and key locks, on corporate and personal mobile devices;
– 71% of respondents agree that the use of mobile devices in the workplace is important to achieving business objectives, however, 72% believe that these tools put their organizations at risk. Only half of the organizations report having the necessary security controls to address the risk, only 6% say that all employees are compliant, and 5% do not know;
– 62% of respondents say that over the past 12 months, their organizations experienced an increase in malware infections as a result of insecure mobile devices in the workplace. And, out of the 12 countries surveyed, Canada made the top three for the highest amount of infections.
"IT has spent years working on desktop security and trying to prevent data loss over web and email channels – but mobile devices are radically changing the game," said Fiaaz Walji, Websense’s Canadian country manager, in the survey’s news release. "Tablets and iOS devices are replacing corporate laptops as employees bring-their-own-devices to work and access corporate information. These devices open the door to unprecedented loss of sensitive data. IT needs to be concerned about the data that mobile devices access and not the device itself."
