Over 44 percent of IT businesses believe a member of their senior management has lost a mobile device in the last year new research has found, whilst 39 percent say senior management has had a device stolen. Technology research company Vanson Bourne conducted the survey of 500 IT decision makers in the UK and Germany to uncover the risks of remote working and inquire into the security measures organisations have in place. The findings also raised concerns over non-senior management employees, with 54 percent of organisations saying a non-senior management employee had lost a device, while 49 percent reported a device stolen within the past year.
Even more concerning is that the vast majority (93 percent) of these devices contained work related data, including confidential emails (49 percent), confidential files or documents (38 percent), customer data (24 percent) and financial data (15 percent). Despite the risks, organisations are failing to put in place basic security rules: of those organisations who have, or plan to implement, a remote working or security policy, nearly a third (32 percent) do not specify that devices taken outside the office must be protected with either encryption or passwords. And a quarter (25 percent) do not specify that digital files taken outside the office must be protected with either confidential files or passwords.
With over a third of organisations reporting that a device has been lost or stolen in the past six months, the ramifications can be serious. Thirty seven percent of respondents were aware of someone in their organisation having faced disciplinary action due to lost files or work data and 32 percent were aware of an employee having lost their job as a result within the last year.
However, companies are still failing to control how data leaves the office, with nearly half (48 percent) admitting that they cannot keep track of how employees take data with them and 54 percent saying that data could be more adequately secured.
“Even amidst continued warnings about data security, and with data breaches making headlines on an almost daily basis, organisations are still not able to secure their intellectual property. The benefits of encryption and password protection are not new, but businesses are simply not enforcing basic security practices,” said Nicholas Banks, Vice President EMEA and APAC, IronKey.
“What’s more, businesses are aware of employees breaking their organisation’s security rules to take work outside of the office (67 percent), yet they are doing nothing to address the issue. These responses highlight a careless attitude toward company devices and data. Employees, including senior management, appear to be unaware of the full impact of data loss, and it is exactly those senior level execs that employees are looking to for education, and action, to prevent sensitive data falling into the wrong hands. Organisations have a duty to secure corporate information and the devices on which it is stored,” Banks added.