According to survey of 300 senior IT staff, smart phones pose more of a threat to business security than laptops, largely due to user mentality; for one reason or another, many smart phones just don’t seem to be getting the protection their lap dwelling counterparts might.
While 4 out of 10 (that’s it?) IT guys were encrypting the crucial stuff on company laptops, 9 out of 10 smart phones had access to the company network without any security past what is inherently part of the protocol, and 81% of those purportedly had no access restrictions at all. Sure, there’s no such thing as the perfect lock - but even a basic password might keep Joe Commonthief from digging around before getting frustrated and trashing the device.
All of these statistics — including the laptop encryption rate — are worrying, to say the least. Having to type in an extra password or two can be a pain, but it’s a lot better than having to tell all of your customers that their private data just got jacked because some executive didn’t want to punch in his cat’s name a few times a day.
Photo Credit: CarbonNYC
Greg,
Great post and I agree with you 100%. What most of these IT guys do not know however is that there is a solution that they can use. One that is just as powerful as their computer security is. SMobile Systems makes an anti-virus sweet STRICTLY for smart phones and it works across every platform including the much buzzed about iPhone. Just wanted to throw that out there and say again…great story.
1.) Sweet = Suite
2.) The issue isn’t virus protection, it’s security if the device falls in the wrong hands.
3.) If you’re going to plug your own product, grow a brain cell first.
The article brings up a great point. As these devices become “smarter” (direct mail server connections; WiFi; BT; RDP connections, etc), their security considerations should scrutinized more and more.
As ususal, the greatest vulnerability lies in the “human factor”…policies and enforcement of said policies need to be near the top of the “network security” list. This is true, regardless of company size. I am very pleased to see that more centralized management tools are being developed for these devices (i.e. System Center Mobile Device Mgr.2008, BES, Good Messaging Server). This way, the policies that are needed can be “pushed” to the units directly.
The next big challenge is dealing with the backlash from users complaining about being forced to enter a secure password when they “just want to make a call”. :-)
sweet=suite
I give it to you. I frankly never would have figured that one out.