Employees responsible for corporate data security on mobile devices

Many companies are still failing to encrypt company sensitive information on mobile devices, according to new research. The study showed that almost three quarters of companies are relying on users to manage their own device security.

A recent survey of IT security decision makers conducted by Sybase iAnywhere has shown that 80% of those surveyed have sensitive business information, such as emails and passwords, stored on their mobile devices, of which just 26% have any form of encryption.

Results from the same survey conducted during the same period in 2007 indicated that 60% of companies had sensitive data on mobile devices, of which 45% were encrypted. The year on year comparative figures indicate that whilst the amount of data on mobile devices is increasing, levels of encryption have decreased hugely, meaning that the data on 74% of devices is still dangerously accessible to the wrong hands.

The survey then asked respondents about the personal responsibility they had for security on their mobile devices. Employers are trusting 71% of respondents to undertake at least one security task for their mobile devices. Although these figures indicate a slight reduction of personal responsibility for the security of mobile devices from last year’s overall figure of 76%, they still suggest that organisations are continuing to place too large a burden of responsibility for security in the hands of their users, and are not automating these processes, said Sybase.

Mike Oliver, marketing manager for mobile management and security products in Europe for Sybase iAnywhere, commented: “These survey results reflect the increasing use of mobile devices, but also continue to demonstrate a worrying decrease in the encryption of the data stored on these devices. Of those organisations that are investing in device security, far too many are still relying on end users to take responsibility for security protocols when these should be automated and controlled by central IT.”

Survey respondents with managed security on their devices were also asked if they had any usability frustrations. 21% said that speed of decryption was an issue and 27% complained of the length of time it takes to access their device after powering up. A hefty 39% of respondents cited the issues they face if they forget their passwords as being a major problem.