Corporate laptops unprotected against theft or data loss
Over half of UK public and private sector organizations are at risk of data breaches, losses and leaks from portable PCs and devices, according to Check Point. A total of 52% of respondents said they do not use data or device encryption to secure their business laptops, and a further 8% admitted they didn’t know if encryption was in use.
Despite the lack of data security on laptops, 68% of organizations reported they had a VPN client deployed on their corporate fleet of portable PCs. This leaves a majority of businesses potentially vulnerable to unauthorized network access from lost or stolen laptops.
In addition, the survey of 130 UK IT managers and senior IT staff revealed a growing preoccupation among organizations over consumerization of technology – employees using personal devices like laptops or smartphones for work purposes.
Employees use personal devices for work in 55% of the organizations surveyed; yet 39% of the respondents said they had no formal process for deploying security to these devices.
Only 37% of the organizations prohibit the usage of laptops or smartphones for professional purposes, and 61% restrict access to the organization’s network or data resources from personal devices.
The study also raised the issue of corporate laptop allowances. 10% of respondents said that their company already offers – or plans to offer – personal “laptop allowances’ to employees so they can purchase their own laptop for both personal and business use. While 48% agree this will cut down IT expenditure, a majority (68%) were concerned about the security risks involved, and 76% feel this will increase IT management overhead.
Consumerization of business IT is also a clear concern among IT administrators. Many organizations haven’t set up an appropriate plan to secure the use of personal laptops and smartphones in the workplace. These vulnerabilities need to be addressed by a combination of education and technology so that organizations can protect their data, their business and their employees against security risks.