As the 2012 RSA Conference draws to a close on Friday, one of the most-talked about themes at the security expo was protecting mobile devices.
Unfortunately, it doesn't look like most people have thought about it too much, whether it be for their personal or business gadgets. That can't be reassuring for skeptics of the bring-your-own-device movement.
A new report conducted by anti-malware company ESET and Harris Interactive illustrates the overall lack of company security policies that are in place to lock those devices down.
Here are a few examples:
- Less than 10 percent of people currently using their own tablets for work have auto-locking enabled.
- Only 25 percent of smartphone owners used auto-locking features.
- Laptop owners did a bit better with one-third of users using auto-locking features.
Across the entire BYOD spectrum, the report found that encrypting company data is only happening on about one third of devices.
Overall, researchers found that less than half of all devices in the BYOD category are protected by the most basic of security measures.
There are many takeaway lessons here. The automatic reaction should not be to simply ban personal devices at work, but obviously some security education is needed here for employees at every level in the company.
ESET security researcher Cameron Camp added some very basic tips in the report, including just turning the auto-lock feature on with password protection.
"The cost of not taking these steps could be suffering the scariest kind of security breach, the kind that was easily preventable by basic BYOD security best practices," warned Camp.
More RSA 2012 coverage:
- Symantec CEO: ‘Digital natives’ will change how we do business
- Netgear’s ProSecure platform helps SMBs manage social media
- Symantec partners with VMware, Salesforce.com on new security controls
- Cisco extends firewall platform with new context-aware measures
- Cisco taking more ‘integrated and holistic’ approach to network security
- EMC unveils security, risk management services portfolio at RSA 2012
- McAfee CTO: Security on embedded devices must be a priority
- Verizon offers glimpse of its 2011 security investigations