For Immediate Release
Survey: Threat from Employee Pdas and Smart Phones Ignored
The overwhelming majority of businesses knowingly permit employee mobile devices yet fail to protect computer systems from them
Baltimore, MD. March 29, 2004 — As advances in personal digital assistants (PDAs) and smart cellphones have made them as powerful as desktop computers, employees are purchasing them in greater numbers and connecting them to their employers’ computer systems. According to a survey conducted by TNS NFO (formerly NFO WorldGroup), 86 percent of employers knowingly permit these employee mobile devices, yet nearly the same number - 83.6 percent of employers - have failed to set usage guidelines for these devices, leaving their computer systems vulnerable to malicious code attacks and information theft.
Employees are not any more aware than their employers of the threat their mobile devices pose to computer systems. The survey also found that 74.6 percent of employees that use personal mobile devices either do not have, or do not know whether they have, any security protection on their PDAs or smart phones.
"Businesses worry a lot today about front-end attacks from hackers and how to stop them," said Tom Goodman, vice president of operations for Bluefire Security Technologies, the firm that commissioned the survey. "However, they have not paid very much attention to the equally dangerous back-end threat coming from employees connecting their high-powered handheld devices to their enterprise networks."
Serious risk exists when an employee places a mobile device into an in-office cradle, because the device is recognized by the company network as a trusted user and given clearance to access mission-critical information behind the network security protection. A business competitor could then gain free access to a company’s entire database, and a sophisticated hacker could enter a corporate network through the device and use it to plant a computer program that would send information back to the source, undetected for an extended period of time.
The survey polled users of handheld devices from a weighted sample of Internet-connected households. In addition to the findings regarding the business use of employee handhelds, the study also found that consumers store vulnerable confidential information on their devices:
- Nearly 40 percent of PDAs and smart phones contain credit card numbers.
- More than 25 percent store incomes.
- Approximately 19 percent reveal health problems.
- Love letters reside on approximately 17 percent of PDAs and smart phones.
Only 9.5 percent of respondents, however, thought they would be embarrassed if someone stole any of this confidential information and posted it on the Internet.
"Consumers are clearly storing personal information considered private on their mobile devices, while employees using these devices for business are very likely storing data that their employers would regard as confidential," said Goodman. "Implementing a proactive mobile security strategy for employee-owned devices can not only protect a corporation from potential security problems, but it will also provide a platform for broader mobile enterprise planning.
By centrally managing what these devices can access, store and process, an organization can safely and effectively manage its mobile workforce."
If you are a member of the media and wish to obtain the survey results, please contact Bluefire at 410-637-8160.
About Bluefire Security Technologies, Inc.
Bluefire Security Technologies provides a complete security solution specifically designed for mobile handheld devices. The Bluefire Mobile Security® Suite is the industry’s only fully integrated security solution including authentication, encryption, and integrity monitoring, firewall, logging and central management. Bluefire enables the secure deployment and use of handhelds across the enterprise by allowing handheld devices to be secured as part of the IT network infrastructure. Bluefire Security Technologies recently won the Ernst & Young Entrepreneur of the Year 2005 - Maryland Award.
Bluefire Mobile Security® solutions support the Microsoft Windows (WM) 2003, Windows Mobile 5.0 and Palm operating systems; are available directly from Bluefire and Software Spectrum in the United States, and internationally through Ubitexx GmbH (Germany) and Synergy Software Systems (UAE); and are certified by Cingular Wireless.
For more information email info@bluefiresecurity.com or call (410) 637-8160.
About TNS NFO
TNS NFO is part of TNS, a leading global provider of market information. The company collects, analyzes and interprets information to help its clients better understand the needs and wants of their customers. TNS provides research, advice and insight on market segmentation, advertising and communications, new product development, brand performance and stakeholder management. The company is also one of the leading providers of social and political polling.
From its global network, which spans 70 countries, TNS provides local expertise and knowledge, together with internationally consistent information and analysis to multi-national organizations.
TNS is listed on the London Stock Exchange (TNN). Further information can be found on www.tns-global.com.