Not too long ago, the office computer filled an entire room. Now, it fills the palms of one-third of workers—those mobile employees who use only the mobile device for their jobs. Security, however, lags behind in keeping up with this growing trend. This is the BYOD generation: bring your own device (to work).
IT departments need to keep one step ahead of this fast-growing trend. It’s here to stay, and one reason is that it’s responsible for significantly pumping up productivity. Employers love this. More productivity = higher profits. You’d think that some of these increased profits would be reinvested in security training that correlates to the BYOD movement since the BYOD movement strongly correlates with an increase in data breaches and risks of breaches.
But it’s not.
Organizations still aren’t seeing the light
A recent Ponemon Institute survey reveals that for a large portion of employees, the mobile device is a first-line medium for conducting business. That one-third figure mentioned earlier is forecasted to jump to 50 percent over the next 12 months.
With all the improvements in productivity comes a corresponding jump in the risks of data breaches—both intentional and accidental. The survey reveals that 52 percent of the participants said that security training for smartphones was shelved in the name of sharpening worker productivity.
Another finding: One-third of businesses don’t even have existing security programs for the BYOD’ers. About three-quarters of respondents said that their existing security was lax. And don’t think that security risks mean only computer viruses, phishing e-mail scams, being lured to malicious websites, being tricked into downloading malware, etc.
There’s a huge risk in the form of roving eyes. A “visual hacker” uses his eyes, and sometimes with the assistance of binoculars or a mobile device camera, to prowl for unguarded computer screens in public like at airports, hotels and coffee houses. He swipes sensitive data by recording it with a camera or seeing it and then writing down what he sees or even memorizing it. Workers can prevent “shoulder surfing” with the ePrivacy Filter software by the 3M company. Combine this software with a 3M Privacy Filter, and the user will be able to thwart a hacker hovering over his or her shoulder from virtually any angle.
The typical business, says the survey, handles 20,000 mobiles, and that number is fast-rising. This will heap on the pressure to implement solid security plans. Managing each device won’t be cheap, either, but a pricey stitch in time will save obscene expense times nine.
Sixty percent of the survey takers said that mobiles have made employees rather lazy with security awareness. There’s definitely a human factor involved with all of this that businesses must address.
If employees want to use mobiles to conduct business, they should also embrace the responsibility that comes with the use of these devices—that of being willing to learn how to keep the sensitive data that’s stored in these devices safe, and also being willing to learn how to recognize social engineering and other cybercriminal tricks.
Robert Siciliano is a Privacy Consultant to 3M discussing Identity Theft and Privacy on YouTube.