Mobile device are top security threat: survey

After application vulnerabilities, information security professionals are most concerned by the threats posed by mobile devices, a survey has revealed.

The 2011 (ISC)2 Global Information Security Workforce Study, carried out by researchers Frost & Sullivan, found that while 73 per cent of respondents rated application vulnerabilities as a top threat to their organisation, 66 per cent believed that mobile devices represented the second greatest risk.

Related story – Government BlackBerries a security risk: Canadian privacy commissioner

“Technologies like the Apple iPad have exacerbated people’s concerns about mobile computing,” said John Colley, managing director for EMEA at (ISC)2.

“It [tablet devices] is also very popular with senior executives and it is very difficult for security people to say to them ‘we don’t like that’.”

Yet despite the concerns about mobile devices, a third of respondents in EMEA said they did not having a formal policy for unmanaged mobile devices.

Information security professionals, have, however, deployed a wide range of technologies to protect mobile devices. The most popular choices were encryption (71 per cent), network access control (59 per cent), mobile virtual private networks (VPNs, 52 per cent), mobile device management (43 per cent) and remote lock and wipe functionality (42 per cent).

Related story – 9 surefire ways to protect your iPad and the data on it

In addition, the survey found that many information security professionals might not be doing enough to manage the threats associated with social media, despite sites being widely used by the business.

Only 39 per cent of respondents in EMEA set and enforce policy around the use of social media sites, although 57 per cent do control access through content filtering and website blocking technology. However, 31 per cent said they had no restrictions on the use of social media.

Colley admitted that it was a difficult area for information security workers.

“A lot of organisations use social media sites like Facebook, Youtube and Twitter as marketing tools, but information security professionals try to restrict it.

Related story – Social networks teeming with spam and malware

“It is difficult because if you want the brightest and best staff, they will be using social media,” he said.

A total 10,413 information security professionals from companies and public sector organisations from around the world answered the online survey. Members, as well as non-members, of the (ISC)2 certification body, were included.

Share on LinkedIn Share with Google+