The next time, a colleague decides to transfer contact details from his Outlook Express onto his mobile phone or PDA, CTO's and systems administrators can't take it lightly. There is a good chance that these innocent looking devices could compromise the company's security.

A third of professionals using mobile devices such as PDAs and Smartphones don't use passwords or any other security protection and yet three out of ten of these sloppy handheld happy users store their PIN numbers, passwords and other corporate information on them. That's according to results taken from The Mobile Usage Survey 2005, conducted for the fourth year by Pointsec Mobile Technologies and SC Magazine. The results are even more staggering considering the survey was conducted amongst IT professionals who are 'hopefully' more security savvy than the average employee.

According to the survey, corporate personnel now store huge amounts of corporate data on their mobile devices, including customer contacts, email details, passwords and bank account details as well as personal and private information such as friend's details, personal images and even PIN numbers; without giving much consideration to security. As a result, a lost PDA or Smartphone with no protection makes easy pickings for common thieves, opportunists, hackers or competitors and could enable them to steal your identity and get at your corporate information.

This could have a huge impact on customer confidence, cause an organization to breach the data protection act or do untold damage to a company's reputation. On a personal level, it could expose you to fraud, embarrass your friends or wreck your personal life, the survey revealed.

Low awareness levels
Since the survey was first introduced four years ago, awareness of the risks of storing unencrypted data on a handheld is still surprisingly low and
needs to be improved to prevent security breaches. Seventy eight percent of users do not encrypt the information on their PDA or Smartphone even though sensitive personal and valuable corporate information is being stored on these devices with 81% using them to store business names and addresses, 45% to receive and view emails and 27% store corporate information. Fifty nine percent also use their devices as a business diary and 14% use them to store information on their customers.

According to the survey more people than ever before are losing their mobile devices, last year just 16% had lost one, this year it has increased to 22% and of those that did lose their device 81% had not encrypted their information and admitted that they were worried that the information could fall into the wrong hands and not only cause a security risk as corporate and private data could be lost, but also embarrassment as friends and colleagues could be contacted by a total stranger.

Many were concerned that losing their device would cost them money and that they would lose 'everything' as they hadn't backed-up their information. Others were saddened that when they lost their mobile device they had also lost photos and video clips which had not been backed up. One interviewee lost his Smartphone by 'throwing the bloody thing out the window' - clearly an overworked IT Director!

Traveling with your mobile device still appears to be the most likely way to lose it, with the majority of them not being stolen, but forgotten in the back of a taxi, or left in an airport or on the train. Having one too many drinks in a nightclub or relaxing in a restaurant can also be dangerous as they are the next most common place to lose a device. When people do lose their mobile device only 40% inform the Police as the rest don't believe there is anything the Police can do or it costs more to report it than to replace it.

Martin Allen, MD of Pointsec said, "Handheld devices are now firmly entrenched in our corporate and personal lives and most of us wouldn't be able to function without them, however, with so much information stored on them it's essential to secure them. We believe this survey shows just the tip of the iceberg as it has been conducted amongst IT professionals who are far more security savvy than most other handheld device users. Our advice is secure it, or don't use it!"

Page(s)   1