Survey Says 51 Percent Of Organizations Lose Data Through Mobile Devices, 59 Percent Of Employees Dodge Security Controls

Mobile devices help business, but security is needed to prevent costly data loss

March 1, 2012

5 Min Read


SAN FRANCISCO, Feb. 29, 2012 /PRNewswire/ -- RSA CONFERENCE -- BOOTH # 1332 -- A new "Global Study on Mobility Risks" reveals that corporate mobile devices and the bring-your-own-device (BYOD) phenomenon are rapidly circumventing enterprise security and policies. Seventy-seven percent of more than 4,000 respondents in 12 countries agree that the use of mobile devices in the workplace is important to achieving business objectives. But 76 percent also believe that these devices put their organizations at risk—and only 39 percent have the necessary security controls to address the risk.

"IT has spent years working on desktop security and trying to prevent data loss over web and email channels—but mobile devices are radically changing the game," said Tom Clare, senior director of Product Marketing Management. "Tablets and iOS devices are replacing corporate laptops as employees bring-their-own-devices to work and access corporate information. These devices open the door to unprecedented loss of sensitive data. IT needs to be concerned about the data that mobile devices access and not the device itself."

According to a previous Ponemon Institute survey, IT respondents said 63 percent of breaches occurred as a result of mobile devices. And only 28 percent said employee desktop computers were the cause.(i)

Today's research, conducted by the Ponemon Institute and sponsored by content security provider Websense, Inc.' (NASDAQ: WBSN), is designed to help IT security professionals plan for an increasingly mobile workforce. The research shows that organizations often don't know how and what data is leaving their networks through non-secure mobile devices. Traditional static security solutions such as antivirus (AV), firewalls, and passwords are not effective at stopping advanced malware and data theft threats from malicious or negligent insiders.

To safely permit corporate use of mobile devices, Websense today released its new Websense TRITON Mobile Security solution. It combines four key components (web security, data security, mobile malware and app protection, and vital mobile device management features) into one solution. As a cloud security service, available anytime anywhere, it prevents confidential data loss on iPads, iPhones, Android, and other mobile devices.

More than 4,600 IT and IT security practitioners in Australia, Brazil, Canada, France, Germany, Hong Kong, India, Italy, Mexico, Singapore, United Kingdom, and the United States were surveyed. With an average of 10 years' experience in the field, fifty-four percent are supervisors (or above) and 42 percent are from organizations with more than 5,000 employees. This survey defines mobile devices as laptops, USB drives, smartphones, and tablets.

Key findings

Fifty-nine percent of respondents report that employees circumvent or disengage security features, such as passwords and key locks, on corporate and personal mobile devices. During the past 12 months, 51 percent of the organizations in this study experienced data loss resulting from employee use of insecure mobile devices, including laptops, smartphones, USB devices, and tablets. Seventy-seven percent of respondents agree that the use of mobile devices in the workplace is important to achieving business objectives. A similar percentage (76 percent) believes that these tools put their organizations at risk. Only 39 percent have the necessary security controls to address the risk, and only 45 percent have enforceable policies. Insecure mobile devices increase rates of malware infections. Fifty-nine percent of respondents say that over the past 12 months, their organizations experienced an increase in malware infections as a result of insecure mobile devices in the workplace, with another 25 percent unsure. Sixty-five percent of respondents are most concerned with employees taking photos or videos in the workplace -- probably due to fears about the theft or exposure of confidential information. Other unacceptable uses include downloading and using internet apps (44 percent) and using personal email accounts (43 percent). Forty-two percent say that downloading confidential data onto devices (USB or Bluetooth) is not acceptable in their organizations.

Websense cloud security services protect remote users anytime and anywhere, including mobile devices and laptops. Endpoint protection on the laptop includes data encryption with portal decryption for USB drives to securely share information between users.


"This survey shows that organizations need a safe way to manage their mobile devices," said Tom Clare, senior director of Product Marketing Management. "Websense saw that need and developed our new Websense TRITON Mobile Security solution. We think we are the only vendor that addresses the security gaps detailed in the survey. We take mobile security to the next level by combining device management (MDM) with real-time protection from data loss, dynamic web threats, mobile malware, and malicious mobile apps."

"We asked thousands of IT security professionals and mobile devices were overwhelmingly important to business objectives," said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. "However, mobile devices put organizations at risk—risks that they do not have the necessary security controls and enforceable policies to address. It's also clear that employees are deliberately disabling security controls, which is a serious concern."

Multimedia Elements:

A full copy of the Websense "Global Study on Mobility Risks" can be downloaded here.

Click to share the Websense "Global Study on Mobility Risks" on Facebook.

Click to share on Twitter:

New survey finds 51 percent of businesses lost data through mobile devices @Websense

Websense Links:

Facebook: "Like" Websense.

Twitter: Follow @Websense.

(i) Source: Ponemon Institute "Perceptions about Network Security" by Ponemon Institute, June 2011.

About Websense, Inc.

Websense, Inc. (NASDAQ: WBSN), a global leader in unified web security, email security, mobile security, and data loss prevention (DLP), delivers the best content security for modern threats at the lowest total cost of ownership to tens of thousands of enterprise, mid-market and small organizations around the world. Distributed through a global network of channel partners and delivered as appliance-based software or SaaS-based cloud services, Websense content security solutions help organizations leverage social media and cloud-based communication, while protecting from advanced persistent threats and modern malware, preventing the loss of confidential information, and enforcing internet use and security policies. Websense is headquartered in San Diego, California with offices around the world. For more information, visit

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights