Aruba Networks Inc. is calling for businesses worldwide to take action as a new mobile security risk report reveals that businesses are ill prepared for the high-risk, high-growth mindset of the #GenMobile workforce, creating alarming disparity around security practices in the corporate world. The chasm that is exposed between age, gender, income level, industry and geographic location has a direct effect on the security of corporate data.
The ‘Securing #GenMobile: Is Your Business Running the Risk?’ security threat study, which questioned over 11,500 workers across 23 countries worldwide including the two largest IT markets in the Middle East – Saudi Arabia and UAE, showcases that employee attitudes are swaying towards a more sharing, security-agnostic workplace. The study shows that highly regulated and tech savvy industries, higher-earning males, and emerging markets pose the greatest risk to enterprise data security.
Aruba believes three key trends highlight how #GenMobile is paving the way for risk-prone behavior in the workforce – which is both good and bad for business.
- Sharing becomes the norm: Six in ten share their work and personal devices with others regularly. Nearly a fifth of employees don’t have passwords on devices, with 22% of those stating they don’t have security measures in place so that they can share more easily.
- Security agnostic attitudes arise: Security ranks fifth behind brand and operating system when #GenMobile is making buying decisions for new devices. Nearly nine in ten (87%) assume their IT departments will keep them protected; however, nearly a third (31%) have lost data due to the misuse of a mobile device.
- Self-empowerment succeeds: Over half (56%) of workers today said they are willing to disobey their boss to get something done, another (51%) say that mobile technologies enable them to be more productive and engaged, and over three quarters (77%) are willing to perform self-service IT.
“#GenMobile workers are flexible, transparent and collaborative, willing to take action to drive productivity and business growth. That said, these employees are also far more willing to share company data, and are notably oblivious towards security,” said Ben Gibson, CMO of Aruba Networks.
However, as this high-risk culture enters the enterprise, the report finds an alarming level of disparity among industries, individuals and countries when it comes to the treatment of mobile devices and data:
The discrepancy between industries
- Finance is leaking data: Believe it or not, 39% of respondents from financial institutions admit to losing company data through the misuse of a mobile device, which is 25% higher than the average across all industries surveyed. The public sector (excluding education) is the least likely to report lost or stolen data.
- High tech is at high risk: High tech employees are nearly two times (46%) more likely than hospitality or education workers to simply give up their device password if asked for it by IT.
- Teachers need a lesson on security: The study reveals that educators are 28% more likely to store passwords on a sheet of paper compared to those in high tech. Educators also score the lowest compared to all other industries when asked if they password-protected their personal smartphones.
Spotting the risky individual
- Males more prone to data theft: Men are 20% more likely to have lost personal or client data due to the misuse of a smartphone, and 40% more likely than females to fall victim to identity theft.
- Younger employees wreak havoc on company security: Respondents over the age of 55 are half as likely to experience identity theft or loss of personal/client data compared to younger employees. The age bracket with the highest propensity of data and identity theft are employees between 25-34 years old.
- Larger salaries linked to greater security risk: Employees earning more than $60K are more than twice as likely as employees earning less than $18K to have lost company financial data and 20% more likely to lose personal data due to misuse or theft of a mobile device. Ironically, when offered money, those that earn greater than $75K were three times as likely to give out their device password as respondents making less than $18K.
Mapping global risk trends
- High-risk, high growth: The emerging and growth markets of China, Thailand and the United Arab Emirates (UAE), are found to exhibit the highest risk behaviors worldwide suggesting that greater risk-taking is linked to increased growth and opportunity as much as it relates to security risk.
- West is playing it safe: To support this connection, the least risk-prone countries are the westernized markets, including the USA, UK and Sweden.
Businesses lacking adaptability
The study suggests that businesses may not be prepared for what lies ahead with over a third (37%) not having any type of basic mobile security policy in place. Nearly a fifth (18%) of employees do not use password protection on their devices, suggesting that employers aren’t enforcing some basic security practices.
Aruba contends that if businesses strategically measure and intelligently manage their security, the more flexible, open methods of working and information exchange that #GenMobile workers bring can drive new business innovation.
“Organizations in the Middle East should strive to build a secure and operational framework for all workers, rather than stifle them. These trends underline that #GenMobile employees continue to be a growing part of the everyday workforce, but they also bring with them some risky behaviors,” says Ammar Enaya, general manager of Aruba Networks Middle East.
“In a contemporary connected world, firms need to nurture creativity, while at the same time minimize the risk of data and information loss. As a result, employers need to take an adaptive trust approach to connectivity and data security, identifying individual worker preferences that factor multiple layers of contextual information in order to build secure infrastructures around them.”
Run your risk
Using this global data, Aruba has developed an online Security Risk Index tool to allow organizations to benchmark their Mobile Security risk levels relative to organizations in their country and industry.