Security doesn't end with datacenter perimeter

Access control must be an end-to-end priority, and mobile devices are a significant issue.

While Cisco is best known for datacenter and networking hardware, they recently teamed up with Mobile Work Exchange to develop a self-assessment tool that individuals and organizations can use to determine just where the problems lie with mobile users and their devices. Unlike an automated tool that checks device settings and configuration, this tool asks the user questions that also drill into how they use the security features that should be deployed.


Using this assessment tool:  The Secure Mobilometer, Mobile Work Exchange did a two-month long survey of individuals and organizations within the Federal government towards the end of 2013 and recently released the results of the study. Unsurprisingly, the results would indicate that the biggest security problem faced with the use of mobile devices is user behavior. And with the study indicating that 90 percent of government employees using some form of mobile device, it’s easy to see why these behaviors can quickly lead to severe security problems.

If there is one major point that is obvious from the survey, it is that users are their own worst enemy. Fully 25 percent  of the respondents could not be convinced to use a password on their mobile device. Despite the simplicity of enabling and entering any sort of password, one in four users simply couldn’t be bothered. And this is among users who know that they use their mobile devices to access work-related data.

On the plus side, Mobile Wok Exchanges reports that only 15 percent of government users download non-work related applications to their mobile devices, which contrasts sharply (and positively) to their studies that have concluded that 60 percent of private sector employees compromise their security by downloading unapproved applications.

Overall the report indicates that user behavior is the biggest security problem that IT faces. With so many of the issues related to simple to correct actions, like the aforementioned password issue and common tasks such as using public Wi-Fi networks for unencrypted business tasks, it would seem that a regular, gentle reminder to users on safe mobile device use is in order.