I was fascinated to read the results of a recent survey from the Ponemon Institute (for Cyber Research)
A little background first, the Ponemon Institute was founded in 2002 by Dr. Larry Ponemon. Headquartered in Michigan, the Ponemon Institute is considered the pre-eminent research center dedicated to privacy, data protection and information security policy. They publish multiple monthly reports, surveys and data concerning all things “cyber.”
The following TWITTER post jumped out at me when I was scrolling through the site last week: 51% of respondents on a recent survey do not take any steps to protect the data that is connected to their cell phones. (Ponemon Institute)
That is a shocking statistic and I was so amazed at that sentence that I downloaded the entire report and read each word (link to website below)
It gets a bit worse…
Here are the accompanying statistics:
· Only 20 percent of respondents describe their use of smartphones or tablets as exclusively for personal use. That translates to 80 percent using their cell phones for at least some business use.
· 73 percent of those surveyed report that they are addicted to their mobile device and spend an average of “7” hours a day accessing data from their device. (including business-related data.)
The entire report is filled with fascinating facts concerning how much individuals use their cell phones, what information they access daily, the amount of business-related information they store/connect to from these devices and how little they do to protect the information stored on and accessed from their cell phones. What jumps out at you is how much employees use their cell phones to check work emails (49%); log into work related systems and applications (43%), log onto unsecure Wi-Fi networks (85%), and download from websites that may not be trustworthy (44%).
There are many steps employers can take to make sure employees are securing their cell phones in the same manner that they are securing their office desktop computers and lap top computers.
Mobile Device Cyber – Plan Action Items for Businesses:
1. Requiring all mobile devices that connect to the business network be equipped with security software and password protection before giving access to employees to your data.
2. Providing general security training to make employees aware of the importance of security practices for mobile devices and what can happen when a data breach occurs
3. Install security software specifically designed for smartphones can stop hackers from spying on you when you use public networks.
4. Data Encryption on all work/business related information.
5. Encourage employees only to use Wi-Fi networks that are secure and require password access.
6. Make sure all updates on applications and software are installed when available. This will contain current security measures to keep mal-ware and viruses from penetrating the security firewalls that you have set up to protect your data.
7. Devise a game plan for employees if their mobile devices are stolen or lost. Time is a critical factor and employees will need procedures on “who to inform” if their device goes missing.
And 8. Reading the results of the Ponemon Survey, has strengthen my conviction that every business large or small needs to invest in a cyber policy. Although you trust your employees unquestionably; and attempt to protect your data, religiously; there are too many variables, too many possibilities, too many aspects left to chance that can lead to a major breach and destroy your business…
One last statistic that I also read that is not part of the Ponemon Survey, but is the most glaring statistic of all:
60% OF SMALL BUSINESSES CLOSE THEIR DOORS WITHIN 6 MONTHS AFTER A CYBER ATTACK. - (Congressional Rep. Chris Collins of the House Committee on Small Business on the cyber threat to small business. March 22, 2013)
**Statistics culled from the Report “How Much Is the Data on Your Mobile Device Worth” January 2016 – Independently conducted by Ponemon Institute LLC