Mobile security still sorely lacking at many businesses

Mobile security still sorely lacking at many businesses

Over half of businesses still do not have a formal bring your own device (BYOD) policy, new research has suggested.

A survey of 447 IT decision-makers from Champion Solutions Group, claims many businesses are not taking enough action to safeguard their mobile devices.

The Christmas period is traditionally a time for more devices entering the circulation of many corporate IT systems, meaning the issue is set to be placed under the spotlight once again.

The rising use of BYOD means securing these devices has already become more of a pressing issue for many IT departments, no matter what their size.

Despite a number of high-profile cases highlighting the importance of securing mobile devices, many companies are still not doing enough to protect their systems, with over three-quarters of respondents stating they do not require multifactor authentication for mobile devices connected to applications and network resources.

However, while mobile device management practices leave much to be desired, there are some positives from the survey.

Eight out of ten organisations were found to be using mixed alphanumeric passwords, while nearly three-quarters said they did not allow for the re-use of a recent password when implementing updates.

In addition, one-half of businesses require their employees to reset their password every 90 days, while 25 per cent require resets every 45 to 60 days.

But experts insist that good-quality passwords do not necessarily equate to acceptable data protection.

Some experts have already declared their surprise at the results, adding that some of the larger companies to be surveyed were not using their resources effectively.

Jason Milgram, Azure's managing vice-president and director of software development at Champion Solutions Group & MessageOps, said the results were "very interesting".

He added: "What you'd expect from a larger organisation is not necessarily in line with what all of the results show, and the same for some smaller companies.

"I definitely encourage businesses to review the information, look at the policies they have or do not have in place, and use the research as they update their mobile device security strategy."