ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > Resources > Articles > ZDNet UK Research

Research: The lowdown on mobile security

Rhetorik ZDNet.co.uk

Published: 25 Oct 2007 13:48 BST

Mobile security policy

The application of a policy on the use of mobile devices can do much to allay concerns over security issues and their implications within the organisation. In this section we explore the prevalence of such policies, as well as their communication and enforcement across the UK.

A policy on the use of mobile devices
Almost two-thirds of the companies researched had a policy on the use of mobile devices by its staff, which left a third that did not.

However, when you look at the pattern of response across the different sizes of organisation, the reasons for this proportionate lack of policy become more explicable. The results show clearly that the availability of a recognised policy increases steadily with increasing size of enterprise. Only two-fifths of the very smallest organisations (fewer than 10 employees) appear to see the need for such a policy, probably because of the very limited number of users. However, in the large corporate sector (more than 1,000 employees), application of a policy is recognised in 85 percent of all enterprises, where user base is often much higher and the corporate exposure to risk proportionately much greater.

The same pattern was seen when analysing the results according to number of handheld mobile devices in use. For organisations with 100 or more mobile devices in use, less than one in 10 had no such policy in place.

Figure 2: Mobile device security policy

Q33 Does your company have a policy on the use of mobile devices for business purposes by its staff? (single response)
Base: All respondents; Total: 371
Source: Rhetorik 2007

Communication of mobile-security policy
Clearly there is little point in a company having such a policy if it is not fully communicated to all relevant members of staff.

When questioned on this, almost all organisations did communicate their policy. Nearly four-fifths of enterprises communicated this to all their users in writing, and most of the rest discussed the policy with their staff. Only two percent said they had a policy that wasn't communicated.

The smaller organisations placed greater reliance on verbal methods of communication, as in general did those with the lower numbers of users. Almost half of all SOHO (small office/home office) organisations, as well as all those with fewer than five handheld devices in use, depended on verbal means to communicate their policy to the user base.