Rush to deploy tablets has left security in the lurch
Close to half of organizations are allowing the use of company or privately owned tablets, up from just 20 percent in 2011, according to accounting firm Ernst & Young's annual information security survey.
At the same time, the adoption of mobile security techniques and software in the enterprise is relatively low, with just 40 percent of organizations using some form of encryption technique on mobile devices, the global survey of 1,850 chief information officers, chief information security officers and other information security executives found.
While 31 percent of enterprises reported a higher number of security incidents in the last two years, a disturbing 63 percent of organizations have no security framework in place.
"The new normal for the CIO is that fast is not fast enough. The velocity and complexity of change is happening at a staggering pace, with emerging markets, continuing economic volatility, off-shoring and increasing regulatory requirements adding to an already complicated information security environment," said Paul van Kessel, Ernst & Young global IT risk and assurance services leader.
With the number of organizations using the cloud almost doubling in the last two years, 38 percent of organizations have not taken any measures to mitigate the risks, such as stronger oversight on the contract management process for cloud providers or the use of encryption techniques. A slim majority of organizations reported plans to increase their information security budget by more than 5 percent in the next 12 months.
The proliferation of mobile devices in the workplace will continue to challenge chief information officers and IT staff in terms of support and security. Apparently, enterprises have yet to fully grasp the security implications of allowing employees to bring their mobile devices to work.
- check out Ernst & Young's survey