Too many businesses are ignoring the simplest of tech security measures, including setting passcodes on phones and wiping hard drives remotely, new research shows – leaving them open to corruption and hacking attacks.
According to research released today by software security company Acronis, which surveyed 390 IT professionals in Australia, 57% have no personal device policy in place for their workplace. But out of those, 27% have an exception for executives, who can only use company technology as they are interacting with more sensitive data.
This is a huge problem for SMEs. With so many different employees using various models of phones and tablets, all with their own security strengths and vulnerabilities, businesses are leaving themselves vulnerable to attack.
Get daily business news.
The latest stories, funding information, and expert advice. Free to sign up.
The “bring your own device” trend, or BYOD, is a thorn in the side of many IT professionals who are stressing the need for companies to ensure security while managing all these different devices.
Digital security firms have often warned hackers will attack businesses through the device of an employee – because they rarely have security measures in place, this is a much easier way to gain access.
Simon Howe, the sales director of mobility solutions for Acronis, told SmartCompany the findings are alarming, but also a combination of “a lack of awareness, understanding, but also of time and resources”.
“The productivity benefits here are not understood because most organisations are allowing employees to bring in their own devices,” he says.
“I’m not sure it’s down to these businesses not valuing the data. It’s just they haven’t had the opportunity to be educated on these risks.”
Simple security measures such as passcodes on phones are being overlooked – just 32% of companies mandate a passcode lock on phones, and 15% perform remote device wipes when employees leave a company.
The cloud is a big issue, with many companies using sharing services such as Dropbox. But 74% of respondents said they don’t have policies for public cloud, and 78% don’t even have any proper training for how these services are used.
The popularity of Apple products is also causing trouble – 72% of organisations support Macs but 58% say compatibility is still an issue.
Howe is most concerned about the percentage of companies which say they aren’t even doing simple things to make their business more secure. Even if they don’t have million-dollar budgets for sophisticated security systems, Howe says issues like passcodes on phones are still needed.
“One thing that surprised me was the lack of training and organisation,” he says. “That’s such a simple thing to change and address.”
Above all else, he says, companies need to address this deficiency by doing just a few simple things – mandating passcodes on phones, ensuring stronger passwords that are regularly changed on computers, and introducing some basic training for security.
“This is just simple stuff that can be put into place,” he says. “It doesn’t take a lot…but simple training can assist anyone.”