Ride the Lightning
Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.
CIOS See Smartphones as Data Breach Time Bombs
November 23, 2010
Information Week reported this week on a recent study showing that 8 out of 10 CIOs think that using smartphones in the workplace increases the vulnerability to attack and rank data breaches as their #1 security concern. That statistic comes from a report conducted by market researcher Ovum and the European Association for e-Identity and Security (EEMA).
This is no surprise to John and I – we continually find security holes caused by smartphones in the security assessments we conduct for law firms and businesses. The report contains more statistics that are consistent with our experience. 48% of employees are allowed to use their personal smartphones to connect to corporate systems – on the flip side, 70% of employees are permitted to use their company-provided smartphones for personal business.
90% of organizations now provide, or will provide soon, smartphones to their employees. A majority said they would provide BlackBerrys (prudent, as we’ve said before, because BlackBerrys are hands down the most secure devices).
Security for smartphones remains pathetically weak. Only half of organizations authenticate their mobile device users. Within that half, 2/3 rely on user names and passwords. 18% use public key infrastructure (PKI) certificates. Only 9% employ two-factor authentication with one-time passwords. More horrifying, only 25% ensure that their smartphones are running anti-malware software.
Watch the headlines: We predict that smartphone data breaches will be commonplace by next year.
Listen to the Podcast
