Top 5 mobile device behaviors threatening security of Singapore SMEs

Network security compromised by these behaviors.

A new survey from SolarWinds showed that the five most common user behaviours on mobile devices which threaten the security of the Singapore SMEs surveyed include the loss of handsets, unsecured sharing of company files/data, use of unsecured WiFi, creating passwords which are too easy to crack, and not using a VPN and visiting phishing or malware sites.

On a broader assessment, SolarWinds' survey results also suggest that the increasing prevalence of Bring Your Own Device (BYOD) amongst SME staff in Singapore is causing a headache for IT admins, who feel they are ill-prepared to deal with growing security issues associated with the trend.

Interviewing 150 IT decision makers at Singapore SMEs, the survey showed that almost half of those polled (47 per cent) place the security and safety of mobile devices solely in the hands of their staff, with only 16 per cent providing staff with some assistance in securing their device, such as installing anti-virus or anti-spam programs.

Also, despite the fact that over 70 per cent of respondents agreed that mobile devices pose the biggest risk to network security, and almost the same amount (67 per cent) admitted to heightened concerns because their employees used their own devices rather than company supplied devices for work, only half of all those surveyed said that they had developed an IT security plan for their business.

Respondents who were charged with maintaining and securing employees' personal mobile devices within their network also cited that the most common issue they faced was the inability to rapidly identify, quarantine and mitigate threats, with 35 per cent citing this as a problem.

Other BYOD issues included the visibility (or lack thereof) of corporate devices on the network, viral attachments, and even uncooperative employees, with 27 per cent highlighting this as a roadblock to mobile security.

“Given that more than a third of all SMEs surveyed (35 per cent) have all of their staff using their own mobile devices for work, the lack of assistance provided to staff to secure those devices poses a significant risk for organisations of this size,” said Sanjay Castelino, VP and market leader, SolarWinds. “In fact, around 10 per cent of the respondents reported that their employees’ mobile devices have already threatened the security of their organisation.”

Surprisingly, this figure was skewed upwards by larger organisations that would be expected to have more defined security policies and procedures in place than their smaller counterparts, with 15 per cent of those in businesses of 50 or more staff reporting a previous threat to security, but just three per cent from those with less than 50 staff.

Additionally, almost a third of those who had implemented a mobile security solution (31 per cent) only did so in response to a threat, rather than to mitigate against potential threats.

SolarWinds said that to contextualise the scale of the problem, in Singapore, an SME is defined as having an annual sales turnover of not more than S$100million (A$85m) or not more than 200 staff. This represents 99.3 per cent of all businesses in Singapore.