DENVER--(BUSINESS WIRE)--For the second consecutive year, a Coalfire survey on the topic of Bring Your Own Device (BYOD) in the workplace revealed an ongoing lack of security with smartphones and tablets used to access company data.
As in 2012, Coalfire, an independent information technology governance, risk and compliance (IT GRC) firm, surveyed 400 individuals working in a variety of industries across North America who are not affiliated with their company’s IT department. This year’s survey findings show, much like last year, companies are not taking steps to educate employees on mobile device security to help protect company data.
The increasing popularity of smartphones and tablets underscores the importance of corporate data protection on these devices. Gartner forecasts 2013 tablet shipments to grow 67.9 percent, with shipments reaching 202 million units, while the mobile phone market will grow 4.3 percent, with volume of more than 1.8 billion units.
“We are surprised to see results so similar to last year regarding security on tablets and smartphones, especially considering the attention that has been placed on this issue,” said Rick Dakin, CEO and chief security strategist with Coalfire. “The results demonstrate that businesses are not using effective methods to protect critical infrastructure. Security awareness training for tablet and smartphone users should be a top priority for all organizations.”
Recent developments in the smartphone and tablet market may lighten the load for IT departments. Apple’s iOS7, out today, includes a number of new security measures for lost or stolen devices. However, users must enact protections for them to be effective.
Key findings of this year’s survey include:
- Nearly half (47 percent) of users reported they still have no passcode on their mobile device (no change from 2012)
- Most users (86 percent) report using the same smartphone for personal and work tasks (compared to 84 percent last year)
- Although down slightly from last year (36 percent vs. 30 percent in 2013), nearly a third of users report using a single password for all digital access
- Sixty-one percent write down passwords on a piece of paper (up one percent from last year).
- Compared to 49 percent last year, 47 percent of respondents reported their IT department has not discussed mobile/cyber security awareness or best practices with them
- Forty-four percent reported their company does have a mobile device usage policy, compared with 37.3 percent in 2012
- One improved area: 33.8 percent of respondents stated their companies do not have the ability to remotely wipe data from mobile devices if they are locked, lost or stolen. Last year, more than half (51 percent) of companies did not have that ability