Only 1 in 8 companies has fully implemented mobile device security policy, says report.
Just 14% of companies have a fully developed mobile device security policy for their corporate networks despite a rising number of security incidents, according to a report.
The study, by Kaspersky Lab and B2B International, found that 6% of respondents identified a mobile device as the source of at least one confidential data leakage over the past 12 months.
This year, for 5% of the companies surveyed, mobile devices have caused more critical data leakages than phishing attacks and 4% more data leakage than employee fraud.
IT security incidents involving mobile devices are both growing and diversifying as more mobile devices, smartphones and tablets are being used at work on a daily basis, the report claims.
These devices are also often owned by the employees themselves, and so are used for personal as well as business purposes.
Having important corporate and personal information (contacts, apps, etc) to hand on one device was also described as a substantial risk to company security.
A total of 65% of survey participants admitted that the BYOD environment is a growing threat to the security of corporate IT infrastructures.
Despite this, 64% of companies do not have plans to impose any prohibitive policies on mobile devices, and about half the companies surveyed believe restrictive measures would be useless.
A shortage of resources in terms of time and money means that 48% of those who reported having a mobile device security policy in place said that insufficient funds had been allocated for this, with another 16% stating that no additional funds had been allocated at all.
Effective Mobile Device Management solutions can be deployed to increase security.
Companies can choose to limit the list of applications that can be launched on a mobile device, or block attempts to redirect the user to a malicious website via a smartphone or tablet web browser.
‘Containerisation’ allows corporate data and applications to be isolated and encrypted, and in the event of loss or theft of the device, the container can be remotely wiped.