7% of respondents have made policy adjustments to mitigate the risks related to mobile computing devices.
Advances in mobile devices have extended the virtual boundaries of the enterprise, blurring the lines between home, office, coworker and competitor.
More access equals more productivity, but also more risk
Constant access to email and corporate applications enables new mobile business applications and allows access to, and storage of, sensitive company data as well as private personal data.
Mobile technologies are converging as the functionality overlap between laptops, smartphones and tablets continues to increase. As the pace of the adoption by organizations increases, they need to integrate quickly, compressing the time needed to identify potential risks and develop effective strategies and implement measures to address those risks.
Tablets on the rise
Eighty percent of respondents are either planning to, evaluating or widely using tablet computing.
Our survey shows that the adoption of tablets and smartphones ranked second-highest on the list of technology challenges perceived as most significant, with more than half of respondents listing it as a difficult or very difficult challenge.
Which of the following controls have you implemented to mitigate the new or increased risks related to the use of mobile computing (e.g., tablet computers)?
Policy as key control
Our survey shows that policy adjustments and awareness programs were chosen as the top measures organizations are using to help address risks posed by this new technology. User awareness of the risks of mobile devices will also help limit the instances of employee misuse and inform users of the policies around acceptable use.
We see that companies recognize the need to do more and are beginning to educate themselves about the capabilities and design of the mobile device security software products that are available in the market. However, the adoption of security techniques and software is still low.
For example, encryption techniques are used by only 47% of the organizations.
| Our perspective |
- Establish governance and guidance for the use of both mobile devices and their associated security software products.
- Use encryption as a fundamental control. Because fewer than half of the respondents are using it, organizations should consider embracing encryption.
- Perform attack and penetration testing on mobile apps before deployment to help reduce the organization’s risk of exposure.
« Previous | Next »