labels: it news
IT professionals sloppy about handheld security issues: Pointsec survey news
16 November 2005

Mumbai: A third of professionals using mobile devices such as PDAs and smartphones don't use passwords or any security protection even though three out of ten of these sloppy handheld happy users store their PIN numbers, passwords and other corporate information on them.

This is among the findings released today from the Mobile Usage Survey 2005, conducted for the fourth year by Pointsec Mobile Technologies, providers of de facto world-wide standard for mobile device security and SC Magazine.

The results are even more staggering considering the survey was conducted amongst IT professionals who are "hopefully" more security savvy than average company employees.

According to the survey, corporate personnel now store vast amounts of corporate data on their mobile devices, including customer contacts, email details, passwords and bank account details as well as personal and private information such as friend's details, personal images and even PIN numbers, without giving much consideration to security.

As a result, a lost PDA or Smartphone with no protection makes easy pickings for common thieves, opportunists, hackers or competitors and could enable them to steal the users identity and get at their corporate information. This could have a debilitating impact on customer confidence, notes survey, and cause an organisation to breach data protection or do untold damage to a company's reputation. On a personal level, it could expose them to fraud, cause embarrassment and wreck personal lives, the survey adds.

Since the survey was first introduced four years ago, awareness of the risks of storing unencrypted data on a handheld is still surprisingly low and needs to be improved to prevent security breaches.

Highlights of the survey:

  • per cent of users do not encrypt the information on their PDA or Smartphone even though sensitive personal and valuable corporate information is being stored on these devices
  • 81 per cent store business names and addresses
  • 45 per cent to receive and view emails
  • 27 per cent store corporate information
  • 59 per cent also use their devices as a business diary
  • 14 per cent use them to store information on their customers.

According to the survey more people than ever before are losing their mobile devices, last year just 16 per cent had lost one, this year it has increased to 22 per cent and of those that did lose their device 81 per cent had not encrypted their information and admitted that they were worried that the information could fall into the wrong hands and not only cause a security risk as corporate and private data could be lost, but also embarrassment as friends and colleagues could be contacted by a total stranger.

Ways to lose handsets
Of those who had lost their handsets, many were concerned that losing their device would cost them money and that they would lose "everything" as they hadn't backed-up their information. Others were upset over losing photos and video clips which had not been backed up.

  • One interviewee lost his Smartphone by "throwing the bloody thing out the window", clearly an overworked IT Director!
  • Travelling with mobile devices still appears to be the most likely way to lose it, with the majority of them not being stolen, but forgotten in taxis, trains or other public places
  • Having one too many drinks in a nightclub or relaxing in a restaurant can also be dangerous as they are the next most common place to lose a device.

When people do lose their mobile device only 40 per cent inform the police as the rest don't believe there is anything that can be done by the police or it costs more to report it than to replace it.

Martin Allen, MD, Pointsec, says, "Handheld devices are now firmly entrenched in our corporate and personal lives and most of us wouldn't be able to function without them, however, with so much information stored on them it's essential to secure them. We believe this survey shows just the tip of the iceberg as it has been conducted amongst IT professionals who are far more security savvy than most other handheld device users. Our advice is secure it, or don't use it!"

What users store in PDA and smartphones:
1. Personal names and addresses: 86 per cent
2. Business names and addresses: 81 per cent
3. Telephone contact details: 71 per cent
4. Business diary: 59 per cent
5. Personal diary: 55 per cent
6. Receive and view emails: 45 per cent
7. Entertainment, games, music, etc: 37 per cent
8. Passwords / PIN numbers: 37 per cent
9. Personal images (photographs): 33 per cent
10. Corporate information: 27 per cent
11. Bank account details: 15 per cent

Rene Millman, online and UK news editor, SC Magazine, says, "I can't believe that so many people wouldn't think to secure data on their PDAs. If you have a mobile device with sensitive data, it has to be secure. We have seen too many incidents where PDAs go missing or stolen only for hackers to use information stored on the device to break into networks or steal money."

 


 search domain-b
  go
 
IT professionals sloppy about handheld security issues: Pointsec survey