Mobile Security: All About the Data
Prioritization Is Power
It's not that smartphone and tablet hardware is disposable, exactly. But it's not nearly as important to the 371 business technology professionals responding to our 2014 InformationWeek Mobile Security Survey as the data in device memory.
Among respondents who work in government, nearly 60% say their mobile data protection policies are driven by both internal prioritization and federal and state requirements. However, technical controls to support policies are not always in place. For example, just 27% can prevent data from leaving secured devices.
On the bright side, 66% of government respondents have some control in place to identify and classify data. This is encouraging. However, given the nature of government agencies -- a breach could compromise national security -- that number should be even higher.
Other data points from our full survey:
>> 72% say their top mobile security concern is data loss from lost or stolen devices; 40% worry about users forwarding corporate data to cloud-based storage services.
>> 50% allow all corporate-owned devices to access social media sites and use related apps; 31% limit that access to certain departments. Just 19% ban it completely.
>> 46% feel only moderately confident that their mobile security controls are effective at protecting data.
Respondent breakdown: Respondents screened in by indicating involvement with mobile device management, policy development, and/or security at their organizations. Forty-one percent have 5,000 or more employees; 28% are over 10,000. Government is the best-represented sector, and 36% are IT director/manager or IT executive management (C-level/VP) level. (R7890514gov)
Survey Name InformationWeek 2014 Mobile Security Survey
Survey Date March 2014
Region North America
Number of Respondents 371
Purpose To examine mobile security technology trends and strategies
Methodology InformationWeek surveyed business technology decision-makers involved with mobile device management, policy development, and/or security at North American companies. The survey was conducted online, and respondents were recruited via an email invitation containing an embedded link to the survey. The email invitation was sent to qualified InformationWeek subscribers.