Published/updated: February 2007
For as long as businesses have been considering mobile working, the concern topping everyone’s list has been security. In the early days, the questions and uncertainties related to the technology, but as experience has been gained and solutions have matured, realisation is dawning that the greatest risks are associated not with the technology per se, but with how it is deployed and used.
Only 1 in 5 say users have a consistently good attitude towards mobile security
A recent series of online workshops and surveys gathering input from both IT and business professionals revealed that the attitude of mobile users to security is either poor or variable in 80% of organisations.
But poor attitudes to security cannot be blamed on the users themselves
Ignorance and lack of risk awareness are the root causes of user related security issues. With the right kind of instruction delivered in the right kind of manner, users can be encouraged to develop a responsible attitude. Those delivering mobility related training in a classroom based environment, for example, are 4 times more likely to have created a consistently good attitude towards mobile security among their users.
When instructing users, it is necessary to brief them on all of the risks
While the trigger for providing security related advice and guidance is often the issuing of a new device to a user, the risks associated with mobile working go beyond single applications and pieces of equipment. Potential exposures can arise from behaviour that users may not always think of as risky. Frequently overlooked or ill-considered risks include the eavesdropping of mobile phone conversations in public places, the inadvertent display of confidential information on notebook screens to fellow travellers, and the invitation to snoopers and highjackers made when devices are improperly configured or WiFi networking is used in an inappropriate manner.
Simple approaches are more effective, so solving the problem is far from onerous
Of course it is possible to build extensive libraries of policies and procedures and devise in-depth training courses on the dangers of mobile working and how to deal with them. In most cases, however, this is not just unnecessary, but counter productive. The golden rule is that the fewer things you ask users to remember, the more chance there will be of them actually remembering and practising them. Relatively simple instructions, tips and guidelines are therefore far more effective.
Mobile security cannot be achieved through technology measures alone as user behaviour has a significant impact on the level of exposure. The danger is that security savvy IT staff often fail to appreciate that the risks and how to deal with them are not always obvious to the average user. The reality is that secure mobile working is dependent on users receiving the right kind of instruction.
This report is free of charge. Click above to download the PDF or view the interactive e-document.
If you experience any problems during this process please contact us at;
email@example.com or call +44 (0)1425 626501 / 620008
By Jack Vile & Dale Vile
As both company and personally owned mobile devices are increasingly used in business, understanding and dealing with the associated risks has become a significant concern for many. In this report we explore some of the trends in mobile technology adoption. ...more
By Dale Vile & Tony Lock
If it has been a while since you thought about your DR measures, or a review has been prompted by a risk assessment, compliance audit, actual disaster or some other scare, it’s worth taking some time to understand what can be achieved in light of important changes that have taken place over the past few years. ...more
By Tony Lock
With the advent of digitisation, all public sector environments generate and capture a significant amount of electronic data. Against this background, this paper explores how to manage costs and risks while meeting these changing needs through ‘active archiving’. ...more
By Dale Vile
In some organisations, the tension between IT and business teams has come to a head around the topic of devices & the so called ‘Bring Your Own Device’ phenomenon.It’s time for IT and business managers to get together & start a proper dialogue about to deal with evolving requirements. ...more
By Dale Vile
By Dale Vile
Organisations of all sizes are trying to understand the security implications of mobile working, device proliferation and BYOD. But with IT vendors offering up a broad range of options, it can be hard to know where to focus your efforts ...more
By Tony Lock
While the importance of business information is almost universally recognised, few organisations have enjoyed either the time or the resources required to ensure that the data they store across an expanding range of computer systems is adequately protected. ...more