Businesses are worried about the possibility of mobile phone eavesdropping, but few are doing anything about it, according to a study released yesterday.

The survey, which was conducted in the U.S. by ABI Research and sponsored by U.K. mobile security vendor Cellcrypt, suggests most businesses are doing little to protect themselves against data leaks from mobile phone calls.

Three-quarters of the 250 IT executives surveyed said their organizations have a security policy covering cell phone calling. Four out of five respondents believe cell phones are equally or more vulnerable to interception than email, according to the study.

Yet even though the majority of respondents said their employees regularly discuss sensitive information over wireless channels, only 18 percent have deployed mobile voice call security technology, ABI says.

Interestingly, 55 percent of respondents in IT roles initially thought their organization had implemented mobile voice call encryption solutions. But on further investigation, only 18 percent found their organizations had actually done so.

"Effective email security has become routine, but our research shows most businesses do not apply anything like the same level of robust security to cell phone calls," says Stan Schatt, vice president and practice director for healthcare and security at ABI Research.

"In light of this summer's news that a GSM cracking codebook will be made widely and freely available very soon -- possibly before the new year -- and sub-$1,000 interception equipment being available soon after, this lack of security is particularly worrying," said Simon Bransfield-Garth, CEO of Cellcrypt.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.