A recent survey by Credant Technologies shows that IT professionals really don’t have the time to be bothered with protecting their company’s sensitive data. The survey focused on mobile usage among 227 IT professionals — the majority of which hold a position at companies that employ more than 1,000 people.
Thirty five percent revealed they just don’t get around to using a password on their business phones and smartphones, even though they know they should as they contain sensitive and confidential information! Surprisingly, IT professionals are only marginally better at using passwords than the general population, as a survey conducted earlier in the year by CREDANT found that 40% of all users don’t bother with passwords on their mobile phones.
The sorts of information that IT professionals are storing on their smartphones and mobiles, many of which are totally unprotected with a password, include:
- 80% Business names and addresses
- 66% Personal names and addresses
- 23% Business emails
- 16% Personal emails
- 12% Bank account details
- 12% Business diary with details of all their appointments and meetings
- 7% Personal diary
- 5% Credit card information
- 4% photos
- 1% Passwords and Pin numbers
Andrew Kahl, Sr. VP of Operations & Co-Founder from CREDANT Technologies explains “It is alarming to note that the very people who are responsible for IT security are not much better at protecting the information on their business phones than most of their co-workers, who don’t necessarily know any better. If a mobile or smartphone goes missing and isn’t protected with a password, and contains business names and addresses and other corporate data such as business emails, then the company is immediately in breach of the data protection act by failing to meet some of its principals on electronic data.”
A scary thought, considering that last year alone saw 656 different security breach incidents, an increase of 47% over 2007’s total of 446, according to the Identity Theft Resource Center. ITRC also claims that the bulk of breached data was unprotected by encryption or passwords.
If IT professionals are failing to protect sensitive data, who is succeeding?