Though the majority of South African organisations are making use of mobile devices, most do not have control over data flow between mobile devices and local data.
These were some of the key findings of the ITWeb-Kaseya Managing Mobile Connections Survey on ITWeb Online.
Attracting a total of 359 respondents, the survey asked the respondent to state the percentage of their workforce which uses mobile devices, other than for basic calling and text messaging. Some 41% revealed that more than 80% of their workforce makes use of mobile devices, 12.5% said 61% to 80% use the devices, while 16% said the percentage of users ranges from 41% to 60%.
However, most organisations (43.94%) revealed they do not have control over data flow between mobile devices and local data. Only 29.75% said they have control measures in place while 27% said they were unsure.
Information anywhere
Garth Hayward, Africa regional manager at Kaseya, believes more and more organisations are making use of mobile devices since access to information 'anywhere, anytime' is becoming the norm rather than the exception.
“This extends through from access to business information to access to social networking and private communication. Bottom line is it offers business communication and information access levels previously not available.
“Given the rising costs of office space, travel and employee time, getting the right information to and from your staff anywhere, anytime offers massive business advantages to companies operating in SA,” he said.
“Get control and get control quickly; mitigate risks surrounding the use of this great technology by implementing IT service management platforms that can assist in ensuring that your policies and procedures are living under risk negating processes.”
Critical data
It also emerged that vast amounts of data being handled by employees on these mobile devices is very important to business.
Some 23.91% of the respondents deemed the data critical while the majority (46.65%) said it is very important, with 23.62% saying it's of average importance. Only 4.96% said the data is not too important while a paltry 0.87% said it is of no importance at all.
Hayward believes the risks of handling of critical data on mobile devices are exceptionally high. “Clearly, company policies are being breached and simply ignored when it comes to mobile devices; sooner or later this situation is going to result in security and systems failures that will cost companies a pretty penny if not addressed immediately.”
He suggests that mobile devices have to be treated as any endpoint in an enterprise, with the associated benefits weighed against the risks and business impact, noting that this must be used to inform the policies and procedures created and maintained accordingly.
The biggest concern about using mobile devices in is data leaks, the survey determined. The majority (40.82%) noted it to be their biggest concern, followed by data loss, which had 34%. 15.45% indicated that they fear user-added applications while 9.33% said their worry is Web surfing.
Seventy percent revealed the nature of remote access to their business is for messaging, followed by data access/entry (68%), system monitoring (44%), and system management (43%).
Mobile security
On the measures taken to ensure business data on mobile devices remains secure, the majority of organisations (30%) rely on user access control while 20% said they make use of secure encrypted network traffic.
Some 17.23% said they use data encryption, while 10.75% deploy device monitoring, followed by 10.16% who use intrusion detection. The remaining respondents indicated they either have no measures in place to secure data or were unsure.
Commenting on this finding, Hayward says the question should be whether devices that are accessing mission-critical systems are adhering to group policies and if these policies are effective in the case of mobile devices.
“Who owns the information? How does one secure access and ongoing storage of this information? I'm afraid I think everyone would agree that having mission-critical data on an untraceable and unmanaged device is not secure at all,” he said.
The most popular way of managing mobile devices in organisations, the survey also found, is through the BlackBerry Enterprise Server or doing it manually - they both garnered 30.98%.
However, according to Hayward, it is a case of companies using what is available and if they prefer systems other than BlackBerry, then in most cases this would mean they have opted for manual management.
“But, once again, these management systems are separate from the IT service management platform and, therefore, have to be managed by separately skilled staff, which, in effect, does what it can with separate and disparate mobile management systems.”
Share