Though businesses in the UK face ICO fines of up to £500,000 for data breaches, near a quarter, 23pc of employees said that data security is not their responsibility, and 30pc said they believe there would be no penalty for losing a company device. Yet when asked about employer penalties for losing individual data, 69pc of those surveyed said businesses should be fined and face legal sanctions.
These are among the results of the 2013 Mobile Enterprise Risk Survey, from Absolute Software. The research surveyed 755 British workers on their attitudes to mobile devices and data theft and found many employees do not feel responsible for their organisations’ data.
A proliferation of mobile devices and the trend in bring your own device (BYOD) in the workplace is seeing company data exposed and compromised, yet a third of employees (33pc) describe the security culture of their workplace as moderate or lax. Barely two-thirds, 63pc of employees say there is a formal procedure in place when a device is lost, and 30pc say there are no personal penalties for losing the phone.
Stephen Midgley, Vice President, Global Marketing, Absolute Software said: “The desire for employees to work remotely and on the go has made valuable and confidential business data vulnerable. The speed with which BYOD has landed has meant corporate IT has barely been able to keep its head above water and the results of the 2013 Mobile Enterprise Risk Survey show that for most organisations it’s a struggle not only to educate employees on device security, but also to provide basic support to its staff. A business can be compromised financially and competitively through data breaches, and it’s vital that CIOs and IT departments develop a strategy to mitigate against mobile device theft and data loss.”
In terms of device ownership, the 2013 survey shows that nearly three in ten (29pc) of company employees have only one device for work and personal use, and this device may be owned by the business (23pc). The research also looked into what employees think of the data that is stored on their corporate smart device. A third (33pc) of respondents ranked protecting their personal contacts as a top priority, while four in ten (41pc) ranked work contacts as a top priority. These were both ahead of log-in details for corporate portals (23pc) and work files (19pc).
It seems despite recognition that sensitive data exists, a significant amount of employees surveyed are still losing devices. More than half, 55pc understand there is private information on their device, yet 15pc admitted to having lost a smartphone or tablet, rising to 25pc in younger employees aged between 18 and 34. On learning a device has been lost, 37pc said they contacted IT, 28pc contacted the service provider, while only 7pc used a tracking service to locate the device.
For more information, visit www.absolute.com/en/resources/research/mobile-enterprise-risk-uk
About Absolute Software
Absolute Software Corporation has technology embedded in the firmware of computers, netbooks, tablets and smartphones by firms including Acer, ASUS, Dell, Fujitsu, HP, Lenovo, Motion, Panasonic, Samsung and Toshiba. The company has reselling partnerships with these OEMs and others, including Apple. For more about Absolute Software, visit www.absolute.com
Method
From November 15 to 29, 2013, Vision Critical conducted an online survey among 755 randomly selected British adults age 18-plus who have a mobile phone for work, and work for a company with 1000 employees or more.
