One of the benefits to bringing together nearly all of the public sector’s top influencers at the Symantec Government Symposium each year is the opportunity to take a unified snapshot of the federal IT security landscape, and to gauge precisely how perceptions (and realities) have shifted over the past 12 months.
As it happened, this year’s snapshot focused mainly on the security implications of mobile computing and the proliferation of mobile devices in the Federal Government. We polled 195 top IT decision makers (75% Federal, 13% DoD/Intel, 12% SI), and here’s some of what we learned:
- 75% of Federal IT professionals with responsibility for mobile security say the adoption of mobile devices has increased their security risks.
- Only 47% of Feds say their organizations adequately manage the mobile devices they use for work purposes.
- Only 8% of agencies have Mobile Device Management (MDM) for organization-owned and personal devices.
- Approximately one-third of agencies are not utilizing authentication or encryption for mobile devices.
Not exactly a rosy picture, is it?
And the threat is spreading. Already, 77% of Federal IT professionals report spending a portion of their workday on smartphones, eReaders, and tablet computers (with nearly half reporting 2 or more daily work hours on mobile devices). And in case you think the danger is only theoretical, consider that 22% of those who reported a security breach in the past 12 months say the breach included mobile devices as either ancillary or primary breach components.
Clearly, the time has come to take a serious look at mobile security in the Federal Government through improved employee education, clearer policy guidance, and centralized/automated device management. With sensitive government information spreading to countless mobile devices across the nation and the world, one thing becomes crystal clear:
It’s no longer feasible to secure the information infrastructure; we must focus on securing the information itself!