Mobile workers don't care about security, says Cisco

OUT-LAW News, 03/09/2007

Many remote workers are uninterested in security, according to a new study by Cisco. It found that as companies increase workers' usage of laptops and smartphones, the security risks increase as a result of unsafe and sometimes reckless end-user behaviour.

The survey, carried out in conjunction with the US National Cyber Security Alliance (NCSA), questioned 700 mobile employees based in the US, the UK, Germany, China, India, South Korea, and Singapore.

Researchers found that almost three of every four (73%) mobile users claimed that they are not always aware of security threats and best practices when working remotely.

Although many said they are aware "sometimes", more than a quarter (28%) admitted that they "hardly ever" consider security risks and proper behaviour.

When asked why they were lax in their security behaviour, many mobile users offered reasons such as, "I am in a hurry", "I am busy and need to get work done," and "it is IT's job, not mine".

Almost half (44%) of all mobile users surveyed said they open emails and attachments from unknown or suspicious sources.

In the UK, China and India, more than half of users admitted to this behaviour. More than three quarters (76%) said it is more difficult to identify suspicious emails and files on PDAs and smartphones than on laptops, because the screens are much smaller.

With recent research from Korn/Ferry International revealing that, globally, 81% of executives are constantly connected via mobile devices, Cisco says the survey's findings are a cause for concern.
 
One of the issues contributing to a lack of security when the workforce becomes mobile is the end-user perception that corporate mobile devices are also personal devices and that there is little risk involved in some practices.
 
Fred Kost, Cisco security adviser, said: "Mobile devices have real access to real data. The perception is that it's a personal device – 'I'm on my device.' "
 
Mobile workers polled said they often use unauthorised wireless connections. Either hijacking a neighbour's wireless network connection or an unauthorised connection in a public place, one third of mobile users said they use unauthorised wireless. Such activity is illegal in the UK.

China had the most extreme cases, with 54% saying they've used an unauthorised wireless network.

Ron Teixeira, executive director of NCSA, said: “While this study shows mobility provides businesses with new risks, so do other internet services and new technologies. Mobility and the internet can be used securely and safely if businesses institute a culture of security within their workforce by providing their employees with continuous cyber security awareness and education programs.”

Feedback | Printer-friendly page | Latest news | | All news feeds | Ask a lawyer