Companies Not Protecting Data on Mobile Devices
According to a recent Ponemon Institute report, The Risk of Regulated Data on Mobile Devices, many organizations fail to protect regulated data on mobile devices and in the cloud. Regulated data is sensitive and confidential information that organizations are legally required to keep secure. Examples include protected health information, credit reports, credit card details, employee records and customer accounts. The study, which is sponsored by WatchDox, sampled 798 American IT and IT security practitioners. The research reveals that "many organizations are in the dark" about compliance with these laws with respect to mobile devices. Sixty-seven percent of respondents say their organization must comply with U.S. state privacy and data breach laws, yet only 18 percent believe these laws apply to mobile devices. Furthermore, organizations are unaware of how much regulated data is on mobile devices used by employees or transferred to cloud-based file-sharing applications. The companies often do not prevent employees from accessing regulated data with unsecured mobile devices. Because they also do not take seriously the risk of having regulated data on mobile devices, they often fail make it a top security priority.