Study Reveals Insight for Mobile Wireless User Protection

Aug 21, 2007 4:03 PM

           

A global third-party study commissioned by Cisco Systems Inc. and the National Cyber Security Alliance (NCSA) reveals behavioral findings among mobile wireless workers that spotlight the human side of security, as businesses and IT organizations empower more and more employees to remain connected outside of their offices.

Conducted this spring by InsightExpress, an independent market research firm, the study explores what is at stake for businesses striving to become mobile, and, therefore, more agile and efficient. It reveals findings gleaned from more than 700 mobile employees in seven countries that have adopted wireless technologies widely: the United States, United Kingdom, Germany, China, India, South Korea and Singapore.

Although the study uncovers risky behavioral trends, the results represent a major opportunity for IT to play a more proactive and strategic role in protecting their employees and businesses overall, both through education and solutions.

This is especially relevant as adoption of wireless and mobility technologies increases. For example, International Data Corp. reports that by 2009, the number of mobile workers in the United States is expected to reach more than 70 percent of the country's total workforce. Korn/Ferry International reports that 81 percent of executives globally are constantly connected via mobile devices.

"Wireless and mobility technologies are here to stay. They're a fact of life," says Ron Teixeira, executive director of NCSA, an organization chartered to educate the public on online security and safety. "While this study shows mobility provides businesses with new risks, so do other Internet services and new technologies. Mobility and the Internet can be used securely and safely if businesses institute a culture of security within their workforce by providing their employees with continuous cyber security awareness and education programs."

Almost three of every four (73 percent) mobile users claimed that they are not always cognizant of security threats and best practices when working on the go. Although many said they are aware "sometimes," 28 percent of them admitted that they "hardly ever" consider security risks and proper behavior. Some of these mobile users even admitted that they "never" consider safe best practices and didn't know they needed to be aware of security risks. When asked why they were lax in their security behavior, many mobile users offered reasons such as, "I'm in a hurry," "I'm busy and need to get work done," "Security just is not top-of-mind for me," and "It's IT's job, not mine."

Mobile employees admitted to engaging in a variety of risky behavior. A couple of examples include:
Accessing unauthorized wireless connections
* Whether it's hijacking a neighbor's wireless connection or jumping onto unauthorized connections in public places, one-third of mobile users engage in this behavior. China (54 percent) featured the most extreme cases. This behavior was also prevalent in Germany (46 percent) and South Korea (44 percent). Top Reasons: "I can't tell whose connection I'm using"; "Mine isn't working"; "They don't know so it's OK"; "I don't want to pay for my own connection."

Opening emails and attachments from unknown or suspicious sources
* Almost half (44 percent) of all mobile users surveyed said they open e-mails and/or attachments from unknown or suspicious sources. In China, India, and the United Kingdom, more than half of mobile end-users admitted to this behavior. A significant number (76 percent) said it is more difficult to identify suspicious emails and files on PDAs and smartphones than on laptops because the screens are much smaller.

According to Teixeira, best practices that IT can work with mobile employees on include:
* Use effective passwords that are changed every 90 days
* Update antivirus and anti-spyware programs
* Download necessary patches to operating systems regularly
* Create backups of all important data and files
* Encrypt sensitive data
* Have an emergency response plan for wireless security breaches

Want to use this article? Click here for options!
© 2008 Penton Media Inc.

SUBSCRIBE

Select an Issue April 1, 2008 March 1, 2008 February 1, 2008 January 1, 2008 December 1, 2007 November 1, 2007 October 1, 2007 September 1, 2007 August 1, 2007 July 1, 2007 June 1, 2007 IP Security Supplement May 1, 2007 April 1, 2007 March 1, 2007 February 1, 2007 January 1, 2007 School Security December 1, 2006 November 1, 2006 October 1, 2006 September 1, 2006 August 1, 2006 July 1, 2006 June 1, 2006 May 1, 2006 April 1, 2006 March 1, 2006 February 1, 2006 January 1, 2006 December 1, 2005 November 1, 2005 October 1, 2005 September 1, 2005 August 1, 2005 July 1, 2005 June 1, 2005 May 1, 2005 April 1, 2005 March 1, 2005 February 1, 2005 January 1, 2005 December 1, 2004 November 1, 2004 October 1, 2004 September 1, 2004 August 1, 2004 July 1, 2004 July 1, 2004 June 1, 2004 May 1, 2004 April 1, 2004 March 1, 2004 February 1, 2004 January 1, 2004 December 1, 2003 November 1, 2003 October 1, 2003 September 1, 2003 August 1, 2003 July 1, 2003 June 1, 2003 May 1, 2003 April 1, 2003 March 1, 2003 February 1, 2003 January 1, 2003 December 1, 2002 November 1, 2002 October 1, 2002 September 1, 2002 August 1, 2002 July 1, 2002 June 1, 2002 May 1, 2002 April 1, 2002 March 1, 2002 February 1, 2002 January 1, 2002 December 1, 2001 November 1, 2001 October 1, 2001 September 1, 2001 August 1, 2001 July 1, 2001 June 1, 2001 May 1, 2001 April 1, 2001 March 1, 2001 February 1, 2001 January 1, 2001 December 1, 2000 November 1, 2000 October 1, 2000 September 1, 2000 August 1, 2000 July 1, 2000 June 1, 2000 May 1, 2000 April 1, 2000 March 1, 2000 February 1, 2000 January 1, 2000 December 1, 1999 November 1, 1999 October 1, 1999 September 1, 1999 August 1, 1999 July 1, 1999 June 1, 1999 May 1, 1999 April 1, 1999 March 1, 1999 February 1, 1999 January 1, 1999 December 1, 1998 November 1, 1998 October 1, 1998 September 1, 1998 August 1, 1998 July 1, 1998 June 1, 1998 May 1, 1998 April 1, 1998 March 1, 1998 February 1, 1998 January 1, 1998 December 1, 1997 November 1, 1997 October 1, 1997 September 1, 1997 August 1, 1997 July 1, 1997 June 1, 1997 May 1, 1997 April 1, 1997 March 1, 1997 February 1, 1997 January 1, 1997

This month in Access Control

• Opening Up About Door Closers
• An Enterprise Approach
• The Framework For Open Systems
• On A Higher Plane
• More from April's issue