We just released the Absolute 2015 US Mobile Device Security Report, sharing the results of a survey conducted earlier this year among employees who use an employer-owned device for work. The results of the survey provide insight into employee attitudes toward IT security and their behaviors on corporate-owned mobile devices, showing an eye-opening perspective on the security risks depending on employee age, as well as other factors including company size, employee role and number of devices in use. According to our survey, Millennials prove to be a greater risk to data security as compared to other user categories.
“We conducted this survey with the intention of helping enterprises better understand the current attitudes that employees have towards data security and privacy,” said Stephen Midgley, vice president, Global Marketing, Absolute. “Armed with this information, our customers can consider user behavior as an additional data point in their endpoint security and data risk management strategies.”
The 2015 US Mobile Device Security Report demonstrates clear differences in generational behavior and associated risks related to data security:
Aside from generational differences affecting data security, we found a general apathy toward IT security, consistent with our past findings, as well as a clear difference in behavior associated with position level in the organization.
Although many of these findings are troubling, we have seen positive movement in others. In our 2013 report, 59% of employees believed the corporate data on their device was worth less than $500. In 2015, that figure has shifted to 25%, with an additional 23% believing the data to be worth more than $50k. These figures indicate an increased awareness of the high value associated with corporate data.
“While the report indicates real progress in a number of critical security areas, there is still a lot that can be done to modify behavior and educate employees,” said Mr. Midgley. “Ultimately, everyone is responsible for protecting sensitive business information. Knowing there is ambiguity between how different users may approach this requirement, IT leaders need to provide meaningful guidance and training that reinforces this collective accountability.”
In our report, we outline a 3-pronged approach to mitigate security risks, including Education, Policies and Layered Technology solutions to secure devices. You can learn more about how to Mitigate Mobile Device Security Risks in our full report here.