Australians are still ignoring security on their smartphones and are leaving crucial data available to hackers, who could steal financial and personal information, the latest Unisys Security Index reveals.
The latest survey reveals 58% of Australians never secure their mobiles or smartphones by regularly changing a password or PIN, and only 18% secure their device regularly. Unisys national security program director John Kendall says that given 97% of employees use a personal mobile device at work, this statistic represents a massive problem.
“Part of the problem is that these mobile devices contain a mixture of work and personal-related information. In additional to bank information, you store user IDs and passwords. They’ll have email traffic from work, other information they will sync as well.”
“And given that only 18% are securing devices regularly with a password, that’s pretty scary. It’s a risk to the organisation, not just the employee. We’re finding that people are just not using these devices as computers, but think of them as telephones and don’t secure them properly.”
The Unisys Security Index has decreased in all four components – national security, financial security, internet security and personal security, indicating people are now more relaxed about securing their data and aren’t worried about breaches.
The survey shows 29% never use hard-to-guess passwords that are changed regularly, 20% never read or comply with policies and privacy statements of companies they do business with and 21% never shred or dispose of personal paperwork such as bills or statements.
Kendall says businesses that allow their staff to work with documents or emails on their phones need to ensure they follow strict security measures so data isn’t handed over to the wrong people – data which can be sold on to competitors.
“We’re finding that people are now actually targeting these devices purely because of the huge amount of information that is stored on them. Users are not using a powerful password at all, so of course they’re going to lose some data if it’s stolen.”
The survey also shows that 22% never limit personal information posted to social networking websites or set up privacy controls to restrict who can view that information. And 14% never update security and virus protection software on their computers.
Kendall says businesses need to start implementing strict procedures that cover exactly what data can be used on what devices, and make sure their employees are educated about what passwords they should be using.
“So businesses first and foremost need to start establishing strict policies. They need to build a security infrastructure in their businesses, and the first port of call there is just educating employees.”
“They need to tell their employees that smartphones are really handheld computers, and they need to protect the information on there the same way they would protect any other sort of information. At the very least, that means securing with a password or a PIN and changing it regularly.”
Kendall says many businesses are now turning towards standardised security practices, installing security software on every employee’s device.
“There is a range of methods. One is to provide devices to your employees with security software pre-installed; another is giving them an approved list of smartphones for business.”
But Kendall points out the Unisys index shows social networking users are becoming more concerned with how their data is handled.
Of Australians aged between 18-34, 70% say they protect their information always, compared with just 44% in the over-50 category.
About 60% of Australians also say they always limit the information posted to social networking websites, and set restrictions on who can access that information. About 56% are extremely or very concerned about unauthorised access to their information, while 55% are extremely or very concerned about other people obtaining their credit card details.
Kendall says there is a slight disconnect between users protecting their data on social networks and on their smartphones, mostly because they are more of an innovation.
“People are embracing new technology and are concerned about their data, but because the smartphone is still relatively new, they’re not thinking of it as a computer, and that means they’re not securing their data properly.