Based on recent survey by Check Point in partnership with ITWeb, the majority of South African organisations are allowing more personal devices in their workplace, posing more security risks.
Over half of survey respondents ranked mobile security as a very high or high priority for their organisation, and only 5% cited mobile security is not a priority at all.
"Organisations are becoming more mobile, which means their staff are taking confidential and sensitive data, in the form of e-mails, contacts, documents, etc, with them on their mobile devices wherever they go," says Doros Hadjizenonos, sales manager at Check Point SA, commenting on the results of the ITWeb/Check Point Mobile Security survey, which ran online during February and March.
"Therefore, it is imperative organisations embark on a mobile security project to secure data on mobile devices," Hadjizenonos notes.
He adds exploits and malware are also increasing hugely on mobile devices and this opens up a large security hole exposing organisations' confidential data that exists on mobile devices.
"Ignoring this security risk could mean the potential loss of data coupled with the potential damage to an organisation's reputation," he warns.
The majority of survey respondents (83%) said the number of personal devices connecting to their corporate network has grown over the past year, and only 10% said it had not.
Hadjizenonos notes there are several steps companies can take to secure data on personal mobile devices used within their organisation.
"Establish a sound policy on what data is going to be allowed on mobile devices based on a user's access and how it will be secured. The policy should also cover how a user and IT department should react to a security incident should it happen."
He believes users need to be educated on the safe use of mobile devices, creating the need for organisations to establish security awareness programmes to ensure the security message is communicated to all employees.
"Make sure a mobile security solution is deployed that can effectively enforce the organisation's security policy and does not impact the way a user works on their device. Security should be an enabler and not an inhibitor. We have found that when you are dealing with personal devices, users prefer to have full control of their device and the applications they install on it. So the solution should be about securing the business' data and not necessarily about managing the device."
According to Hadjizenonos, the number of personal devices connected to corporate networks will continue to grow in the near future.
"It makes sense for a user to use their personal device for both personal and business use. Smartphones are becoming smarter and this allows users to run applications that were traditionally only available on desktops and laptops. As smartphones evolve, I am sure more business applications will be available for these devices which would naturally mean the number of connected devices will increase."
When asked if employee behaviour can make a difference in preventing mobile security breaches, the majority of survey respondents answered yes (77%). Only 17% believe employee behaviour wouldn't make a difference.
"A mobile security solution should be able to minimise the risk of careless employees by providing multiple layers of security," notes Hadjizenonos.
Share