Despite the hype around cybersecurity bugs like Heartbleed and a number of high-profile data breaches, too many employees who use their own mobile devices for work purposes are ignoring security threats – putting their employers' businesses at risk.
That's the takeaway from a new study by Osterman Research, which found that 15 percent of enterprise employees who responded to a survey believe they have “none to minimal" responsibility to protect corporate data stored on their personal devices. The study also revealed that 10 percent don't even have a password, PIN or other security measure enabled on the mobile device they use for work purposes, potentially exposing organizations to grave risk.
On the flip side, 44 percent of respondents are think about their responsibility to protect the corporate information on their personal device on a daily basis. But nearly 10 percent think about their responsibility only a few times a year, identifying a real need for secure solutions that keep personal and corporate devices safe.
“The results show that even employees of large multinational corporations, who are consistently warned of the dangers to their data directly from their IT department, are not keeping security top of mind," said Michael Osterman, principal, Osterman Research. “It is clear organizations need to continue to educate employees on the dangers and risks of mobile security but also look to solutions that safeguard the devices and applications which these employees have access to."
Other key survey findings:
- On average, 45 percent of the enterprise employees surveyed have more than six third-party applications installed on their personal device.
- More than 15 percent have had their personal account or password compromised.
- Forty-three percent have accessed sensitive corporate data on their personal device while on an unsecured public network, such as the airport or a coffee shop.
- Upon losing an unprotected mobile device, 32 percent of respondents would rather contract the flu or go on vacation with their mother-in-law than tell their boss.
“As these results demonstrate, enterprise employees still need to be aware of security threats and best practices," said Tom Kemp, CEO of Centrify, the unified identity services provider that released the survey results. “We have made it our mission to bring security awareness to the enterprise, but there is always room for more education and innovation. As the survey shows, corporate employees are now leveraging applications on their devices to get their jobs done. As a result, there is greater need than ever for unified security identity across multiple devices and platforms."
Follow senior online managing editor @Craig_Galbraith on Twitter.