Canadian consumers and small businesses are taking some serious risks in failing to guard their smartphones and their data, according to a new study from Symantec Corp.
Releasing its 2013 Norton Report yesterday, Symantec analyzed the habits of online and mobile users in maintaining their cybersecurity. Researchers found this year, seven million Canadians were victims of cybercrime, costing the average Canadian about $383, a jump up from $169 in 2012. The total cost of cybercrime in Canada was about $116 billion this year, researchers estimated.
The report polled about 13,000 respondents aged 18 to 64, hailing from 24 countries around the world. And although almost half of respondents worldwide said they treasure their smartphones enough to sleep beside them, many also reported regularly doing things that compromise the security of their mobile devices.
In Canada, about 37 per cent of respondents said they use their mobile devices for both work and leisure. While that’s a smaller number than the global average of 49 per cent, Canadians committed their fair share of mobile faux-pas. Forty per cent of Canadians polled reported storing personal data on their work device, and 17 per cent of working adults said they accessed personal social networking accounts using their work device.
About nine per cent of parents let their kids play games, download apps, and shop online using their work devices, and 10 per cent of working adults shared work information with friends through online storage sites. That figure jumped to 15 per cent when it came to sharing work information with family. Another 19 per cent of respondents said they store both work and personal documents in the same online file storage account.
Yet the blame can’t be placed squarely on businesses’ employees. Within Canada, about 35 per cent of respondents said their workplace didn’t have a solid bring your own device (BYOD) policy in place.
This is the fourth year Symantec has done the study, giving researchers a chance to spot some emerging patterns in mobile device security, says Marian Meritt, a spokesperson for Symantec.
“I think that these trends, we’re just going to see more and more each year. Because what really came out this year was this shift towards mobile, which has impacted the BYOD phenomenon, and the fact that people are less safe,” she says.
Among the worst culprits for lax mobile security are millennials, the study found, with 66 per cent of millennials reporting being victims of cybercrime, compared to 54 per cent of baby boomers.
The younger generation has grown up with technology, but that may have made them a little complacent about protecting their data, Merritt said. Coupled with the fact that younger people tend to be early adopters, that means a lot of millennials are not being cautious enough about protecting their data on mobile devices.
It doesn’t help that mobile malware has grown exponentially in the past little while, Merritt added. For example, the Google Play Store typically has hundreds of apps acting as fronts for malware, collecting data like contact lists from smartphones. That can be especially dangerous for owners or employees of small to mid-sized businesses (SMBs) who may be storing their customer lists on their mobile devices, she says.
“Given our behaviour on accessing so many different things, like social networks and email, the vector of infection transfers directly over. And then you also have this issue … where we play games on these devices, and it blurs in our mind the serious nature [that] it’s not a gaming device, it’s a mini computer, whether it be a tablet or a smartphone,” she says.
“So I think because you have all these blurred boundaries, people are viewing it in a less serious manner, and that’s frankly going to need to change.”
Owners of small to mid-sized businesses (SMBs) should prepare a strong BYOD strategy, setting out policies to determine when employees qualify to get work devices, Merritt says.
Employees also need to know which operating systems to use, and which apps are safe for work. That includes cloud-based apps. It may even be a good idea to recommend certain mobile devices to employees before they go to the store to pick one out, she adds.
And of course, SMBs need to decide who owns the content on their workers’ devices, just in case the workers leave their employment.