CISOs are putting businesses at risk by not securing mobiles, says Oracle.
Half of European businesses are putting themselves at risk by failing to include smartphones in their BYOD strategies, according to a study.
Moreover, many were ignorant of security policies that could help them manage mobiles, according to Oracle’s first European BYOD Index report.
The survey of 700 European firms found that a third are not using any form of mobile device management, while 22% had not even heard of mobile application management.
Another 37% were not aware of containerisation, the process of separating company and personal data on a device.
In the UK, where 52% of 100 businesses did not cover smartphones in their BYOD strategies.
Oracle’s EMEA VP of security and identity solutions, Alan Hartwell, blamed the lack of smartphone management on the mobile phone’s shortcomings as a business tool.
He told CBR: "It was quite a surprise really. But if you look at the spectrum of devices used in business the first device you’d probably look at as a useful tool would be the tablet.
"Smartphones have been for calls, for voice. Now the apps have become smarter; we have the tools that enable things to be done on the small screen where previously it was cumbersome."
Now smartphones are more useful business tools, contended analyst firm Quocirca, failing to secure them poses a serious security risk to businesses.
Founder Clive Longbottom said: "It’s a major issue. If there’s intellectual property on that device and someone loses it, you have the threat of a breach.
"If you’re using any device, say a Windows Phone with Office 365 on there, then you have full access to downloading, editing, doing all sorts of things with information.
"If you regard your Apple iPad as a threat, you’ve got to regard your iPhone as one too."
Chart: Britain ranks second lowest in treating smartphones and tablets as similar devices. Courtesy of Quocirca
However, Hartwell said that today, containerisation is the best option to secure smartphones as part of a BYOD strategy.
"If everything on that device relevant to your business is encrypted, you don’t have a problem," he said.
Longbottom added that BYOD policies should also make it simple to use smartphones.
"Make it as open and embracing as possible because we’ve got new devices coming all the time and new operating systems coming through but there are things you’re going to need," he said.
"It has to support a VPN, Java, those sort of very basic things. Just keep it simple; phones need certain base capabilities."