Effective mobile security requires a clear policy and compliance by employees. The reality is, most employees are not worried about mobile security. And employees are unaware of the true impact of a lost device or lost data. Here are a few excellent surveys (and scary stats) to keep in mind: 59 percent of employees estimated the value of the corporate data on their phones to be less than $500.
Companies estimated the costs of data loss much higher, with median costs of $22,000 for SMBs and $150,000 for enterprises according to a 2013 study:
Not only was there a significant financial impact, the organizations who suffered the data breach found their businesses were impacted as well:
- 60% of breaches resulted in some impairment of the business’ ability to function
- 53% experienced a negative impact on their reputation
The missing link: employee education
Most employees have not lost their mobile devices, but for the ones that have, 57% did not change their habits to keep their devices safer. Likely, this was due to the fact that there were minimal consequences for losing a device — 55% had a “discussion” or no penalty at all:
Lost (or insecure) mobile devices pose a big risk to your organization. The best way to stay safe is to implement a few key safeguards:
- Setup a clear mobility policy and educate your employees about the policy
- Add protection on your mobile devices to locate, lock or wipe in case the devices are lost or misplaced
- Make sure your mobility policy includes both security and device management
Or there is another approach. We recently chatted with a CIO that has a very concrete mobile policy: employees are responsible for keeping their data safe, and the consequences for data loss are steep: termination.