More than half of CIOs in the top 500 businesses believe that product, sales and customer data are accessible on mobile devices, and nearly one third say that extends to financial data – meaning data theft is a significant an d increasing risk.
That’s among key findings of a survey of CIOs across the US and Europe, commissioned by mobile device management firm Mformation Technologies. It also notes that many mobile devices also provide access to corporate networks.
“If a device falls into the wrong hands, the impact on a company’s competitive positioning, brand and reputation could be severe,” says Matt Bancroft, CMO of Mformation. “Not only that: the loss of data stored in mobile devices breaches key regulatory and compliance requirements.”
The company’s survey also finds that only 12% of CIOs have a total record of the data users store on their devices – meaning that if there was a security breach, companies would not even know how severe it was or what data had been compromised. Additionally, 6% of companies reported that a corporate mobile device had been lost or stolen in the past six months.
Mformation insists that the problem of data loss will only be exacerbated as more users access corporate networks using more powerful devices loaded with more – and more sophisticated – data applications.
Other key findings of the research: 63% of CIOs do not actively monitor the types of data users store on devices; 68% believe that there is a considerable risk these devices will provide unauthorised access to corporate networks; and 55% fear that over the next five years, mobile devices will increasingly be responsible for lost corporate data.
Says Bancroft: “The number of mobile devices is reaching critical mass in many enterprises, and CIOs everywhere are becoming aware of the threat they pose to corporate security and compliance. As a result, CIOs are initiating a range of activities, including greater investment in data and system security, in training staff on how to work securely from a mobile device, and in IT monitoring and security systems.”
However, he asserts that arriving at the right solution is only part of the problem: it is also important to determine who will be responsible for managing security. Mformation’s survey show 65% of CIOs believing it needs to be on the IT department agenda, while 22% feel it is the responsibility of the network operators.
Mformation suggests that a coordinated approach involving both the business and the operator is the way to go.