No Mobile Security Training at Most Businesses

 
 
By Lawrence Walsh  |  Posted 2007-11-12
 
 
 

Story Highlights:

  • 80 percent of businesses allow users to carry data outside the corporate network or access data remotely
  • 68 percent of businesses haven't implemented end users mobile security training
  • 10 percent of businesses plan mobile security training in 2008
  • 60 percent of business report significant increases in security threats over the past 12 months due to handheld devices
  • 55 percent of businesses report significant increases in wireless security threats over the past 12 months.

The world is mobile, and 80 percent of businesses allow their users to carry sensitive data on their mobile devices or access data from remote locations. However, two out of three businesses are doing no training on the security threats or data safeguards, according to a new survey by the Computer Technology Industry Association (CompTIA).

Insider threats and trusted users are the source of most security breaches and mishaps. The threats of accidental security compromises rise as users roam outside the protection of the corporate network. While security professionals concur that user training and awareness is the best defense against breaches, only 10 percent of businesses plan to conduct any form of mobile security training in the coming year.

Failure to conduct or provide mobile security training is shortsighted, says CompTIA. Nearly all businesses that have conducted such end user training report a significant reduction in the volume and severity of mobile data and device security breaches.

While a majority of businesses are ignoring security training as a risk mitigation measure, they are reporting increased security incidents related to mobility. Four out of 10 businesses say security issues related to the use of handheld devices for transferring data have increased over the past 12 months. Likewise, 55 percent of organizations say wireless-related security incidents also have increased.

CompTIA says the lack of attention businesses are paying to security training will likely cause an increase in security incidents and breaches in the coming year.