Sponsored feature: Risk awareness critical in mobile device use
A look at the attitudes of industry players found that acceptable use policies and risk awareness regarding personal mobile devices generally require a boost. Fleur Doidge reports
According to an online poll of several hundred CRN readers carried out in November, personal mobile devices are increasingly used in the workplace, giving rise to a number of concerns about security and information management, and a chance for technology providers to address these challenges through education and policy.
The early part of the survey, which was sponsored by Eset and discussed in the 12 December 2011 and 16 January 2012 issues of CRN, explored whether readers find that their customers have concerns about consumerisation, at least when it comes to securing the personal mobile handset, laptop or tablet as it accesses the organisational network. Many do have concerns, according to the survey's respondents.
The next set of questions delved more deeply into the opportunity available to resellers and other technology providers.
What is acceptable use?
Question seven of the poll asked if respondents' customers had a policy on the acceptable use of personal mobile devices at work. Of those who answered, 63 per cent said some customers did, while five per cent said none of their customers had such a policy.
Furthermore, only 40 per cent of respondents said the right people, whether in their own organisation or those of their customers, knew of any such policy.
Some 14.3 per cent said the right people did not know about the policy on personal mobile device use, while the largest tranche - 45.7 per cent - said they were not sure if the right people were involved here.
The next question was on the policy's effectiveness. The perception of the industry players questioned was that they have not been very effective so far.
This clearly suggests untapped opportunities for technology providers to help their customers towards a more consistent, comprehensive and effective approach to mobile device security. Many vendors - including Eset, Kaspersky, Trend Micro and McAfee - are looking to address consumerisation issues with a range of offerings. All have supported research that suggests securing the mobile device is an issue that currently resonates with customers.
Rating perceived effectiveness on a scale of one to five, where five represented "very effective" and one represented "not at all effective", 72 per cent of respondents said the policies were not very effective. Another nine per cent maintained that the in-house acceptable usage policies on personal mobile devices were not the least bit effective. Just six per cent said the policies had been very effective.
Question 10 explored whether the industry feels there is a need for greater education on security risks generally among employees at customers' organisations. A whopping 89.9 per cent of respondents said there is a need.
Security risk awareness
When asked whether there is a need for more education on the specific security risks of using personal mobile devices at work, citing the iPad and iPhone, again, 89.9 per cent of respondents answered yes. However, a few more people responded to this question than to question 10, underlining the strength of respondents' feelings on this issue.
About 68.5 per cent of respondents said their customers' organisations do not have a strategy to address the need for greater education on personal mobile device security.
■ This is the third feature in a series of four. The final article in this series will explore further the issues and appropriate channel response to consumerisation and mobile device security in the workplace.