More than a third of public sector managers say they’ve sacrificed security around mobile devices to ‘get the job done’.
The findings are from a 2020 survey of senior professionals from the US, UK and Australia responsible for the procurement, management and security of mobile devices, of which more than 200 were from public sector organisations.
More than one in three from this group said they were prepared to live with potential security risks if it meant being able to get their work done.
“Despite the likelihood of being compromised and the consequences when it happens, 35 per cent of public sector respondents admitted they had sacrificed mobile security to ‘get the job done’,” the report says.
Increase in use of mobile devices
The report says the volume and variety of devices using wireless connectivity has grown massively, with the IoT enabling public services, smart city infrastructure and even Defence support.
COVID 19 saw a further acceleration of mobile device use and cloud based apps, Verizon Security Solutions Consultant Aaron Sharp says.
Two-fifths of public sector respondents surveyed said mobile devices were “extremely critical” to the smooth running of their organisation.
“When you have to get everyone working from home really quickly, mobile devices are a pretty easy solution in terms of just giving people access to platform to access things,” Mr Sharp says.
Heightened security risks
But the changing environment is providing fertile pickings for cyber criminals who are after data, credentials or gateway access.
The report found 25 per cent of public sector respondents had experienced a compromise involving a mobile device, with local, state and federal organisations all affected.
State government bodies fared best, with less than one in eight reporting they’d been hit. However nearly one in three local government agencies were aware of having been compromised.
Sixty-64 per cent said there were major consequences, with the top three being loss of data, disruption to operations and increased risk to employee safety.
Malware topped the list of threats.
Public Wi-Fi can also be fraught and nearly two-fifths of public sector organisations said it had played a role in a mobile-related compromise.
However, less than one in 10 public sector organisations blocked its use.
Mr Sharp says he doesn’t believe the current trends in mobile connectivity, or its use in the public sector, will reverse any time soon.
“I think the cloud adoption trend is going to continue and what that means is people are going to be accessing more data from more places,” he told Government News.
That’s going to make your attack surface larger, which gives attackers more angles to do bad stuff. ”
Mr Sharp says its important to have appropriate VPN solutions in place to make Wi-Fi more secure, and employees should also understand acceptable use and behaviour around mobile devices.
“Just having a formal acceptable use policy is a good step forward,” he says.
Comment below to have your say on this story.
If you have a news story or tip-off, get in touch at firstname.lastname@example.org.
Sign up to the Government News newsletter