Survey finds disconnect between mobile device use and mobile security preparedness

While the majority of small business owners allow employees to use mobile devices such as smartphones and tablets, few have taken steps to ensure these devices are kept safe from cyber threats.

According to a recent survey commissioned by AT&T and the Polytechnic Institute of New York University, 90 percent of small businesses allow their employees to access work email via mobile devices, and 41 percent allow employees to use these devices to access business files. Eighty three percent of small businesses allow employees to use personal devices for work.

Only 65 percent reported information and data security of wireless devices as a concern, versus 91 percent concerned about computer and online data security. Fewer than one-third (29 percent) have installed anti-virus software on smartphones.

The survey also found that 82 percent of small businesses have taken steps to secure company laptops. In contrast, only 32 percent are taking measures to protect smartphones, and 39 percent to protect tablets.  Of the majority not taking steps to protect these mobile devices, fewer than half (42 percent) have plans to increase security.

"There is a troubling disconnect between business owners who want to keep data safe and the necessary steps to protect it," said Ed Amoroso, Chief Security Officer, AT&T. "With more employees using mobile devices, especially personal devices, business data is increasingly vulnerable to cyber threats. Protecting critical information can be easy and affordable, and small businesses need to recognize the reality of today's environment – this is a step they can't afford to ignore."

In addition to mobile security questions, the survey also asked business owners whether their business had experienced a cyber or online security incident. Nearly four in 10 (37 percent) reported being the victim of a security breach, such as a virus, mobile malware or phishing, with 21 percent being victimized within the last two years. 

"Small businesses need to better understand their risk profile," said Nair Memon, Professor of Computer Science and Engineering and founding director of The Center for Interdisciplinary Studies in Security and Privacy (CRISSP) at NYU-Poly. "This means treating every device that touches your network, from laptops to smartphones, as vulnerabilities and ensuring that security is built into the equation at every level." 

For additional survey results, please click on this link for the fact sheet.