A majority of employees use their personal devices to check in on their work email and many expect to invest in mobile security in the coming year, according to a new survey from cybersecurity firm Lookout.
The company polled 100 attendees on the grounds of the RSA Conference in San Francisco, which pulls private- and public-sector cybersecurity professionals, and released preliminary results of their survey Wednesday.
The majority of people polled (76 percent) said they have accessed their corporate network, corporate email or corporate cloud services from a personally-owned device and from public Wi-Fi networks. Most commonly, the attendees said they use their mobile devices to access corporate email (85 percent), Slack and other messaging services (53 percent), and storage services, such as Google Drive or Box (43 percent).
“Mixing personal and public environments with corporate data can be a source of significant security risk, and is responsible for the erosion of traditional network perimeter security,” Lookout said.
More than half (52 percent) of respondents said they plan to increase their mobile security spending over the next 12 months, which indicates increasing awareness of security risks on mobile devices.
Such a move may also be partly due to the fact that 1 in 10 RSA respondents noted that their organization experienced a mobile cybersecurity breach or incident in the course of the last year.
“The adoption of cloud computing across government has created an environment where critical government data can be accessed from mobile devices that lie beyond an agency’s traditional IT perimeter,” Lookout’s Vice President of Americas Bob Stevens told Nextgov in a statement. “It’s evident from looking at the post-perimeter survey results that a growing number of people are accessing corporate email or cloud services from personally-owned devices, which indicates a need for security beyond the traditional perimeter.”
Stevens also referenced a separate study that found more than 55 percent of 300 government employees are already using personal mobile devices to access work data at home.
“Government employees are going to access, and have accessed agency data on personal devices, regardless of policies that prohibit the behavior,” he said. “It can’t be stressed enough that in the post-perimeter era, government agencies will need to move critical security functions to the endpoint, implement device-friendly policies and take a zero-trust approach to security to protect critical information.”