Businesses must start educating themselves on how to protect data contained on smartphones, a new AVG survey has warned, with new figures showing most users are unaware of how to utilise the most basic security features on their phone such as a PIN or password.
The AVG survey reveals 89% of consumers were unaware that their smartphones are able to transmit confidential information, while a massive 91% of respondents said they didn’t know financial applications for smartphones can be infected with malware.
Recently Google was forced to delete malware remotely from users’ phones after some apps were infected with harmful software.
“People are clearly moving in the direction of using their mobile device for very personalised information,” AVG spokesperson Beth Jordan says.
“But when you see the number of people who aren’t using the security features that are standard, it’s an interesting statistic.”
The survey was conducted by the Ponemon Institute, surveying 734 US customers, although the AVG has said the results are similar to the same type of research conducted in the Australian market and the same conclusions apply.
The results are sobering – 56% said they did not know failing to log off from a social networking application could allow someone to change personal settings, and 29% said they already stored credit and debit card information on their phones.
“You’re starting to see people carrying very important information on their phones, but they are not treating them with the same level of concern and rigour as they treat their home PCs and laptops, and so on.”
“One of the things we’re seeing is that people are treating a phone like a wallet, but all of those basic things people do to protect their wallet and handbag, and so on, aren’t being done.”
The survey points out over 80% of respondents aren’t using the basic screen locking procedure on their phones.
Jordan says the lessons for businesses in the study are clear, as 35% of respondents said they store confidential work documents on their phones. 28% said they were unaware using their smartphone for both business and personal use puts confidential business information at risk.
And of those that did now, 12% had no idea whether crucial business data had been exposed.
“One of the things we asked was whether users are using their phones for just business purposes only, and the majority aren’t. They’re using them for business and personal use – and that’s where this becomes concerning.”
“Employees connect to email and exchange systems, carry around company data, and most of them are just not using the basic protections.”
Jordan says there are a few key lessons for businesses, and the first is to ensure that every employee who is using a smartphone with company data on it is using the basic protections on the phone itself.
“Those employees need to be educated about those basic protections, such as understanding how the PIN and password lockout system is used.”
But Jordan also says businesses need to start developing policies around what types of data should be contained on smartphones themselves.
“Education is really important, and your phone should be treated like a laptop. Employers need to think about how they are managing their data, and have a policy in place that is clearly defined.”
Jordan warns businesses need to start work on this immediately, as the lack of protection for smartphones means that market is “ripe” for an event that could cripple system data.
Patrick Stafford is a freelance journalist and a former deputy editor of SmartCompany.
