Many Canadian workers are sharing corporate information with friends and families through online storage sites and some are allowing their kids to download games, shop and play on work devices. These and other risky mobile activities were uncovered by a recent survey commissioned by security solutions firm Symantec Corp.
Advances in mobile technology that build-in more features and capabilities into smart phones and tablets which enable these devices to multitask as entertainment gadgets and productivity tools, the bring-your-own-device (BYOD) trend and user complacency are a dangerous mix, according to Symantec’s 2013 Norton Report.
“This should be a major worry for Canadian businesses because mobile devices that may not be entirely secure are being brought into the network,” said Marian Merritt, Internet safety advocate for Norton. “What’s more, many of users appear not to be aware of the security policies of their workplaces or the security solutions available to them.”
The survey was conducted by market research firm, Edelman Berland for Symantec (NASDAQ: SYMC) from July to August this year. Five hundred individuals aged 18 to 64 from 24 countries were queried on their online and mobile device use as well as their brushes with cybercrime.
No less than 68 per cent of Canadian adults experienced cybercrime and 32 per cent of Canadian smart phone users have experienced mobile crime in the last 12 months, the survey found.
The survey also found that the cybercrime costs Canadians approximately $3.09 billion so far this year and that the individual cost of cybercrime per Canadian increased from $169 in 2012 to $383 in 2013.
However user attitudes towards their mobile devices, especially in the context that the devices are also used to store and transmit corporate data, is particularly troubling according to Merritt.
For instance, while 25 per cent of Canadian smart phone users and 36 per cent of tablet users have some form of free security software on their gadgets, no less than 60 per cent of the users are not aware that security solutions for their devices exist.
As many as 37 per cent of respondents use their personal devices for work and play and also send personal emails through their work devices. About 40 per cent of respondents store personal information into their work devices, and 17 per cent access social networks through their work devices.
More alarming: Nine per cent of respondents said their kids play, download and shop on work devices; 10 per cent of adults share work information with friends through online storage sites; and 19 per cent use the same online file storage site for both work and personal documents.
“The lines between work and play are blurring,” said Merritt. “Personal files that may be infected with malware are being brought into the corporate network and company data is being taken out and even shared publicly.”
Many companies appear not to be cluing in on the situation, she said. For instance, the 23 per cent of the respondents said their company has no policy on the user of personal devices at work.
Other mobile risk takers uncovered by the survey were:
- Social network users who do not log off at the end of each session (42 per cent)
- Social network users who connect with people they do not know (35 per cent)
- Wi-Fi users who access personal email on public or unsecured Wi-Fi sports (50 per cent)
- Wi-Fi users who access their bank accounts on public and unsecured Wi-Fi spots (24 per cent)
Still there are there were respondents who exhibited some mobile security IQ.
For example, 56 per cent of respondents said they deleted suspicious emails from people they did not know and 46 per cent said they avoid storing sensitive files online.
Understanding how IBM Spectrum Protect enables hybrid data protection
Abdicating your company’s data protection responsibilities to the first cloud solution provider you encounter is just as unwise as doing nothing at all to leverage the cloud. On the other hand, it can be a wise decision to investigate what results you might achieve by choosing a backup technology that is capable of supporting a hybrid protection approach capable of covering both on-premises technology and offsite cloud capabilities.