News Archive

A Bargain, But Whats The Risk?

by msecadm4921

More people than ever are using their personally owned smartphones to send and receive e-mails, browse the Internet, shop online and visit social media sites‚Äîas well as perform work activities or even connect to the company network. And with the holiday season fast approaching, it is perhaps not surprising that more than half of employees in the UK will do more online shopping this year than they did last year….

According to ISACA’s 2011 Shopping on the Job: Online Holiday Shopping and BYOD Security survey, half of UK employees questioned will use their smartphones to shop online between early and mid-December. As the line between personal and work devices continues to blur, potentially putting corporate data at risk, it is critical for companies to embrace the technology, and educate their employees on the risk.

The survey shows that shoppers are moving toward online shopping from smartphones to get bigger bargains and avoid crowds. Dipping into the research, ISACA, a global, non-profit IT audit and security association, found that 13pc of respondents choose to shop online because e-shopping is faster than brick-and-mortar shopping, and 30pc say they primarily shop online because it is easier than heading to the stores.

About one in 10 online shoppers uses shopping apps—although it is interesting to note that a number of users are concerned about their revealing their geolocation, with 75pc saying they would turn off user location tracking because of fears surrounding stalking and identity theft.

And it’s not just geolocation that has online Christmas shoppers worried, as many users reported they were concerned about smartphone security generally. Nearly 10pc of respondents use work-supplied smartphones, while 54pc say they use personal devices for work, showing a growing trend known as bring your own device (BYOD)—there is not just a risk to the user’s device and data, but also to the user’s employer.

Half of the UK respondents to the survey said they are more concerned with protecting the security of their own PC or smartphone than their work-supplied computer or smartphone. A quarter of respondents said they are not concerned that shopping online at work may affect their organisation’s IT network.

Commenting on results

Marc Vael, director at ISACA and chair of the association’s Knowledge Board, said the number of people who are not concerned about their organisation’s IT network is concerning, as well as the number of employees who use a personal device for work.

“As they are grabbing online deals and buying gifts for loved ones with their work-supplied devices, or personal devices also used for word, employees also have to be aware that they are placing not only their own security, but also their organisation’s information, at risk,” Vael said. “It is important to provide education and take precautions since the BYOD trend is here to stay.”

It’s with this in mind that ISACA provides tips to help employees manage their personal smartphones, tablets or notebooks that they also use for work activities:
– Find out if your company has a policy for using personally owned devices for work activities.
– Understand what happens if that device is lost or stolen.
РFollow ISACA’s five-step “ROUTE” for informed use of geolocation.
– Sensitive data stored on mobile devices should be encrypted and password-protected.
– Only load apps from a trusted provider.

“There is a distinct gap between what IT departments may do and what employees understand or know about,” said John Pironti, CISA, CISM, CGEIT, CRISC, CISSP, security advisor with ISACA and president of IP Architects. “For example, many employees do not realize that, as part of the process of connecting their personal device to the organization’s corporate network, they may have agreed to allow their personal smartphone or tablet to be remotely or locally wiped clean if they lose it or the organisation believes it has become compromised while storing confidential data. Setting a policy for the use of personal smart devices and effectively communicating it to employees are crucial.”

About the 2011 ISACA Shopping on the Job Survey

Online Holiday Shopping and BYOD Security
The ISACA Shopping on the Job Survey: Online Holiday Shopping and BYOD Security, which is now in its fourth year, helps gauge current attitudes and organisational behaviours related to the risk and rewards associated with online shopping, and the blurring boundaries between personal and work devices. The study is based on an October 2011 online polling of 4,740 ISACA members from 84 countries, including 137 from the UK. A separate online survey was fielded among 1,000 consumers in the UK in October 2011 by Eskenzi PR. To see the full results, visit –

Related News

  • News Archive

    Partners Gather

    by msecadm4921

    HID Connect, the partnership arm of HID Global, the access control manufacturer, held its first EMEA regioniNNOVATIONconference on November 29 and 30.…

  • News Archive

    Cable Poster Campaign

    by msecadm4921

    Nexus has joined forces with North Tyneside Council and Northumbria Police to launch a poster campaign to warn of the dangers and…

  • News Archive

    Words Of Liberty

    by msecadm4921

    John Wadham of civil liberties group Liberty speaks to Una Riley. I have wanted to catch up with John Wadham the Director…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing