Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

4/25/2013
01:27 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Employees Keeping Quiet On Potential Corporate Data Leaks

Research from Kaspersky Lab reveals poor mobile device management strategies leaving business information exposed

ABINGDON, England, April 25, 2013 /PRNewswire/ --

Research from Kaspersky Lab reveals poor mobile device management strategies leaving business information exposed

European SMBs are exposing themselves to high risk of corporate data leaks with a lack of understanding from the IT department around mobile device management and lackadaisical employees. More than three quarters (77%) of UK employees would omit from telling their IT department about the theft or loss of a company owned device within an hour of its loss, leaving the business at unnecessary risk of a potential data breach. New research by TNS for Kaspersky Lab which questioned European SMBs shows that, in spite of the recognised risk,

29% of IT managers believe it would take an entire working day to be informed. 25% said it would take employees at least half a working day to get round to telling them.

Worryingly these results show that if a corporate notebook, tablet or smartphone gets stolen, thieves may have several hours to access the data on it before the IT department is able to take preventative measures. This provides more than enough time for a cybercriminal to siphon off sensitive business data, harvest contact details, read corporate e-mails and even log into personal online accounts (e.g. Twitter, Facebook) and change the passwords.

Despite a third of the European SMBs surveyed recognising that the loss or theft of a smartphone could seriously compromise business integrity, only 35% of IT managers agreed that data encryption was a better method of protection than a simple password. Alarmingly, 54% of those surveyed believed that a password alone provides just as much protection for sensitive data as encryption. This lack of understanding is a real concern as businesses both large and small see flexible working and mobile devices as a staple of the modern workplace. Greater recognition of the potential risks associated with poor mobile device management is clearly needed.

"The ever-growing abilities of mobile devices make our lives much easier", says David Emm, senior security researcher, Kaspersky Lab. "However, what we don't always consider, is the ease with which such tools can be stolen, leaving a wealth of business critical information in the hands of thieves. To a seasoned cybercriminal, it will take only a matter of minutes to by-pass the four digit password protection used on most devices, especially smartphones. If your mobile device is lost or stolen, it is critical that the IT department is informed as fast as possible. They can then block access of this device to the corporate network and, in the best case, wipe all of its data."

Mobile Device Management solutions offer a variety of options to keep control over devices which have left the enterprise perimeter. Encryption of data on devices is one of the most effective measures, but modern solutions also offer remote data wipe functions and GPS localisation of lost devices. Solutions such as Kaspersky Lab's recently launched Kaspersky Endpoint Security for Business allows IT managers to remotely manage all devices on the company network and the data secured within, all from a single management dashboard.

Notes to editors:

The survey was conducted by TNS Infratest for Kaspersky Lab in January 2013.

1.762 IT decision makers and influencers in European companies with 10-500 employees were questioned.

About Kaspersky Lab

Kaspersky Lab is the world's largest privately held vendor of endpoint protection solutions. The company is ranked among the world's top four vendors of security solutions for endpoint users*. Throughout its 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for consumers, SMBs and enterprises. The company currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at http://www.kaspersky.co.uk.

* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2011. The rating was published in the IDC report "Worldwide Endpoint Security 2012-2016 Forecast and 2011 Vendor Shares (IDC #235930, July 2012). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2011.

Follow us on Twitter

http://www.twitter.com/kasperskyuk

Like us on Facebook

http://www.facebook.com/Kaspersky

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Hacking It as a CISO: Advice for Security Leadership
Kelly Sheridan, Staff Editor, Dark Reading,  8/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8720
PUBLISHED: 2020-08-13
Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable denial of service via local access.
CVE-2020-12300
PUBLISHED: 2020-08-13
Uninitialized pointer in BIOS firmware for Intel(R) Server Board Families S2600CW, S2600KP, S2600TP, and S2600WT may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2020-12301
PUBLISHED: 2020-08-13
Improper initialization in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2020-7307
PUBLISHED: 2020-08-13
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials.
CVE-2020-8679
PUBLISHED: 2020-08-13
Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics Drivers before version 26.20.100.7755 may allow an authenticated user to potentially enable denial of service via local access.