User Behavior and Training Critical to Secure Mobility
Worker mobility has become an essential practice for government agencies. From teleworking on the road to accessing critical data on your smart phone, mobility increases productivity and employee satisfaction. And the trend toward mobility is growing. In fact, the Cisco Visual Networking Index predicts there will be more than 10 billion mobile devices worldwide by 2017. With the increased proliferation of mobile devices comes the need to ensure that appropriate policies and procedures are in place so agencies can take advantage of increased capabilities while still maintaining high levels of security.
By and large, government agencies are doing a good job of balancing the need for mobility with security requirements. However, according to a new study by Mobile Work Exchange, which was commissioned by Cisco, 41 percent of government employees are putting agencies at risk with secure mobility habits. Clearly, there is some room for improvement.
The study used the Secure Mobilometer, an online self-assessment tool, to capture data from end-users and agencies. The tool ranked their mobility habits based on practices of user inputs, password protection, data loss prevention, mobile device policies and security training.
The study found that 90 percent of respondents use at least one mobile device, such as a laptop, smart phone or tablet for work purposes. While most employees take basic steps to secure their computers and files, a significant number of respondents engage in behaviors that could make agency data on their mobile devices vulnerable to theft. For instance: 52 percent fail to use multifactor authentication or data encryption; 25 percent do not establish a password on the mobile device they use for work; and of those who do use passwords, about 1 in 3 people use “easy” ones.
Most of these issues can be easily resolved through technology and training. Notably, half the agencies that took the assessment are missing steps such as remote wipe capabilities, multifactor authentication or data encryption. And more than 1 in 4 respondents had not received mobile security training from their agencies.
Of course, mobility is here to stay – and for good reason. When properly enabled, a mobile workforce can be a tremendous asset. Agencies just need to build a solid, secure mobile foundation before their employees reach for the next big app.