As the 2012 RSA Conference draws to a close on Friday, one of the most-talked about themes at the security expo was protecting mobile devices.
Unfortunately, it doesn't look like most people have thought about it too much, whether it be for their personal or business gadgets. That can't be reassuring for skeptics of the bring-your-own-device movement.
A new report conducted by anti-malware company ESET and Harris Interactive illustrates the overall lack of company security policies that are in place to lock those devices down.
Here are a few examples:
- Less than 10 percent of people currently using their own tablets for work have auto-locking enabled.
- Only 25 percent of smartphone owners used auto-locking features.
- Laptop owners did a bit better with one-third of users using auto-locking features.
Across the entire BYOD spectrum, the report found that encrypting company data is only happening on about one third of devices.
Overall, researchers found that less than half of all devices in the BYOD category are protected by the most basic of security measures.
There are many takeaway lessons here. The automatic reaction should not be to simply ban personal devices at work, but obviously some security education is needed here for employees at every level in the company.
ESET security researcher Cameron Camp added some very basic tips in the report, including just turning the auto-lock feature on with password protection.
"The cost of not taking these steps could be suffering the scariest kind of security breach, the kind that was easily preventable by basic BYOD security best practices," warned Camp.
More RSA 2012 coverage: