ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > Resources > Articles > ZDNet UK Research

Research: The lowdown on mobile security

Rhetorik ZDNet.co.uk

Published: 25 Oct 2007 13:48 BST

Enforcement of mobile-security policy
Policy enforcement is also a matter of some importance, but 12 percent of organisations with a mobile-security policy claimed to have no means of ensuring it was complied with.

Of those that did ensure compliance, the majority depended on management supervision of their staff, and most of the rest relied on monitoring and analysis tools. A number applied both methods.

Perhaps not surprisingly, the smaller organisations depended more on management supervision, with the use of monitoring and analysis tools increasing significantly in the larger organisations. More than half (51 percent) of large corporate respondents with a policy use monitoring and analysis tools, whereas this figure drops to only 15 percent in the SOHO sector.

The only other enforcement mentioned specifically was the monitoring of inappropriate communications through analysis of network billing.

Figure 4: Enforcement of mobile security policy

Q35 How does your company enforce this policy? (multiple response)
Base: All respondents who have a mobile device policy (235)
Source: Rhetorik 2007

Policy on the use of personal mobile devices
Another important security consideration for organisations is the use of personal mobile devices for business purposes by members of staff, either in the workplace or away from the office. A variety of issues can arise if such devices are allowed, including access, support and configuration issues for IT, as well as a raft of data and network security concerns from different and possibly uncontrolled devices in use.

We asked organisations with a mobile-security policy if that policy included restrictions on business use of personal mobile devices. The results showed that use of personal mobile devices is widespread. Although more than a third of all respondents stated that only company-owned mobile devices were allowed to be used for business purposes, most of the rest said that personal devices or personal and company devices were allowed by their employer.

Restrictions on the use of personal devices were more prevalent with increasing size of organisation, and indeed with increasing number of devices in use. In the large-corporate sector, half of all respondents stated that only company-owned devices were allowable, whereas only one-fifth had this strict policy in the low-end SOHO sector.