Significant security risk

Recognising that mobile devices pose a significant security risk, the report found that 95 per cent of organisations in Australia have security policies in place, with 60 per cent of IT directors reporting that all of their employees understand their mobile device access/permissions. Nevertheless, the report as well details that in reality, less than 20 per cent of employees are aware of their company's mobile security policy. "There is a serious disconnect between policy awareness and policy adherence in the mobile computing environment", said Michael Sentonas, McAfee's Chief Innovation Officer for Asia Pacific.

"As mobile devices are increasingly commonplace, they are treasure troves of sensitive information about users and the companies they work for - and cybercriminals are already looking for it. Businesses need to find ways to enable, secure, and manage employee-owned innovation in an optimal way to drive cost savings." According to McAfee, attacks against mobile devices - including iPhones, Android devices, and more-will escalate in 2011 as criminals seek to tap into 'fragile cellular infrastructure' to access often unencrypted business and corporate communications. The report found that lost and stolen mobile devices are seen as the greatest security concern for IT professionals and end-users, with four in 10 organisations reporting lost or stolen mobile devices. Of these lost devices, more than half contained business critical data and nearly two-thirds of mobile device losses have had a financial impact on the organisation, which is double the global average.

"Devices are no longer just consumer devices or just business devices. They are both," said Richard Power, a CyLab Distinguished Fellow at Carnegie Mellon University, the primary author of the report.  "Devices are more than extensions of the computing structure; they are extensions of the user. The way users interact with their personal data mirrors the way they want to interact with corporate data. Even though the need for mitigating mobile security risks and threats is acknowledged, the report found that around 30 per cent of device users keep passwords and pin codes on their mobile devices, during 20 per cent store credit card details.

Employees are as well storing confidential data on mobile devices. One in four Australian respondents store confidential work information on their mobile devices and nearly 40 per cent of organisations provide access to such content on these devices. "Data loss remains a huge problem for both consumers and businesses," said Sentonas. "Businesses and their employees need a solution to protect their valuable intellectual property and personal information.  It's far too easy to leave a mobile device in a taxi, or at the airport.  This study shows that there is a lot of room for improvement in terms of education and putting the right tools in place to ensure mobile security." The survey found that in Australia, 71 per cent of organisations are more reliant on mobile devices than they were 12 months ago.

Nine out of 10 Australian organisations now provide access to email on mobile devices. IT is becoming increasingly consumerised and businesses now operate in a heterogeneous mobile environment where BlackBerrys are no longer the standard. The survey found that 68 per cent of the Australian employees surveyed use the same mobile device for both business and personal use.

AVG Pty Ltd, the distributor of the award-winning AVG anti-virus and Internet security software in Australia, New Zealand and South Pacific, will again be shining the spotlight on personal and small business security at the upcoming CeBIT Australia 2011 exhibition, the most influential event of its kind in the Asia-Pacific region.