Security Market Segment LS
Thursday, 08 November 2012 01:58

Aussie mobile security not up to scratch despite concerns


Research into enterprise mobility has revealed that most Australian organisations are implementing some security measures for smartphones and tablets in the workplace, but many are not enforcing them consistently, despite saying that security related to mobile devices is their top concern.

More than half - or 56 percent - of Australian organisations surveyed by Forrester Consulting on behalf of Unisys, reported that security continues to be of great concern when allowing employees to access business data via a smartphone or tablet in the workplace.

And, 61 percent of organisations  surveyed for the 2012 Australian “Consumerisation of IT” study - cited implementing or improving mobile security as being a top mobility priority next year, while the majority of respondents – 66 percent – said that their focus would be on deploying password-based authentication for mobile users.  

However, according to John Kendall, Security Program Director, Unisys Asia Pacific, fewer are considering more sophisticated security measures, and only 18 percent are considering token-based authentication, with15 percent considering biometric-based authentication.

“Most organisations are relying on passwords, a relatively primitive solution, to secure their mobile devices and applications,” Kendall warned.

“A truly effective security approach requires a combination of strong policy and technology as well as the means to enforce both.

“The risk of a data breach via compromised passwords is higher in a mobile environment because mobile devices can be easily lost or stolen.  Unisys recommends that organisations consider multifactor authentication, where the employee is identified not only by ‘what they know’ (a PIN or password) but also by ‘who they are’ (a biometric such as a fingerprint or face scan) to protect sensitive assets.”

According to Kendall, security policies are only effective if employees adhere to them, and he points to the research which revealed that while almost 90 percent of Australian organisations have security policies in place, nearly half of them admitted that they lacked the tools to implement or enforce security policies.  

The Unisys study also found that, at the same time, only 64 percent of surveyed employees said they were aware of their company’s security policy, leaving 36 percent who were not. “Those uninformed workers could unintentionally breach the company security policies.  In addition, 6 percent of Australian employees say they sometimes ignore or work around their company’s security policies,” Kendall said.

Kendall said the research also exposed a potential security risk in the recent phenomenon of employees using BYO apps, with 42 percent of Australian employees admitting they had downloaded unauthorised mobile apps or PC software for work.  

“BYO apps bring a two-fold security risk: sometimes easily downloadable apps can be malicious vehicles for network breaches and data theft. To avoid negative consequences of employees’ using unauthorised software, organisations can create a company ‘app store’ that contains approved, secure software – either developed internally or purchased from a third party – to safely provide employees with the capabilities they need to do their work productively.”

Kendall also suggested that rather than rely solely on controlling access to data, organisations should consider securing the data itself via encryption. “That way even if the wrong people gain access to where the data resides, they still can’t read the data,” he said.

“The good news is that today’s mobile world is necessitating – and enabling – sophisticated new approaches to security.  For example, attribute-based access control is an emerging technology that grants access based not only on the nature of the data and the individual requesting access. It also factors in the location from which access is being requested and the method used to authenticate identity – for example, requiring a fingerprint rather than a password for access to more sensitive information.

“Attribute-based access control also identifies anything about the access request outside the employee’s normal pattern, such as attempts to access information they don’t normally access or at hours outside their normal work schedule.  Such approaches help stop data breaches before they happen by automatically enforcing appropriate security measures,” Kendall concluded.

The Australian study by Unisys was part of a broader global research study of employees/information workers and IT decision-makers conducted in June this year in the United States, Belgium, Brazil, France, Germany, The Netherlands, New Zealand and the United Kingdom. In Australia, there were 307 iWorker respondents and 79 IT and business respondents, with 90 percent from organisations with more than 1,000 employees.

Subscribe to ITWIRE UPDATE Newsletter here


It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Peter Dinham

Peter Dinham - retired in 2020. He is a veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News