Mobile Workers Lead IT Security Breach Risks

Today’s increasingly mobile workforce is seen as the highest risk to IT security, according to a recent study by the Ponemon Institute. Employees’ mobile devices, and laptop computers specifically, are cited as the most likely sources of a security breach.

Workforce Mobility on the Rise

Mobility in the workforce is only projected to increase – more than a third of the world’s workforce is expected to be mobile by 2013, according to a recent IDC report . Despite the security breach risks, a mobilized workforce still holds numerous benefits, allowing workers to work from virtually anywhere and be more efficient and productive. Further, mobile workers often report  more satisfactory work-life balance and improved overall job satisfaction. But the Ponemon study points to the critical need for organizations to develop comprehensive strategies to tackle the IT security threat that mobile devices pose.

Mobility Brings Benefits and Risks

While today’s mobile technologies have given workers freedom and flexibility like never before, they also significantly raise the risk of serious cyber attacks, according to the June 2011 study conducted by the Ponemon Institute, a privacy, data protection and information security policy research group. The survey of 583 U.S. general IT and IT security practitioners reported that employee laptop computers and mobile devices were the two most likely endpoints from which a serious network security breach may occur. Twice as many breaches occurred through one of these mobile devices as they did through desktop computers, according to the study.

In the study, ninety percent of organizations said they have had at least one network security breach, with more than half of respondents reporting two or more breaches in the past 12 months. On average, these security breaches cost each of the organizations $500,000 or more including cash outlays, internal labor, overhead, revenue losses and other related expenses.

Focus on Prevention

In order to address this growing threat, one of the recommendations of the study is for organizations to put their IT security focus on prevention, rather than on the fast detection and containment of a security breach or other concerns. “Only 32 percent of respondents say their primary focus or approach to network security is on preventing attacks,” the study’s authors write. “…We believe our research provides evidence that many organizations are lacking the right strategy to prevent cyber attacks against networks and enterprise systems.”

This strategy can entail beefing up security software running on all devices, and educating mobile workers on the organization’s policies and their responsibilities to help protect network security. It also can include investing in technology with security embedded at the hardware level, rather than as just an “add-on.” Unlike many other mobile devices, Toughbook notebook PCs and tablets, like Panasonic’s coming Android Toughpad tablet, include security features built into their hardware. These features can include trusted platform module (TPM) security chips, Computrace® theft protection, Intel® Anti-Theft Technology and shock-mounted, flex-connect hard drives with quick-release features; and offer options such as SmartCard and fingerprint readers, or software such as Oculis Labs’ PrivateEye that uses the computer’s webcam for facial recognition to protect information displayed on screens from visual eavesdroppers.

Plan for the Future

Each year, more and more workers rely on new mobile technology to free them from the bonds of the traditional office environment and boost their productivity and morale. With a comprehensive IT security strategy that focuses on prevention, enterprises can meet the challenge of enabling a growing mobile workforce without compromising the security of their networks.