The rise of mobile in the enterprise has led many CIOs to become concerned about the potential for data loss due to a lost or stolen device — phones, laptops and the like lost in taxis, restaurants and hotel rooms. But a new study has found that CIOs also need to spend more time focusing on the office itself.
In July of this year, Kensington, a supplier of desktop and mobile device accessories (including laptop locks), surveyed 300 U.S. IT professionals from a range of industries for its IT Security & Laptop Theft report.
When Kensington asked respondents where company employees had experienced IT theft, the No. 1 response was 'cars and transportation' at 25 percent. But the No. 2 response, coming in ahead of 'airports and hotels' (15 percent) and 'restaurants' (12 percent), was the office (23 percent).
The survey also found:
- 34 percent of organizations don't have a physical security policy in place for their laptops, mobile devices and other electronic assets.
- 54 percent of respondents said they do not currently use physical locks for IT equipment.
- 80 percent of respondents don't use locks on non-computing equipment like projectors, hard drives, monitors or speaker phones.
Kensington suggests that IT may be lulled into a false sense of security that devices are safe on premises because users are working in the office.
"With research showing that a surprisingly high percentage of IT theft occurs in-house, IT directors and purchasers need to implement a formal physical security policy and take steps to secure their devices and the sensitive data they contain," Rob Humphrey, director of Global Product Management, Security, Kensington, said in a statement Monday. "Since studies confirm that well-implemented security can significantly decrease laptop theft by as much as 85 percent, it's important for IT personnel to consistently utilize physical locks for computing and mobile equipment to provide resistance to tampering and theft. Simple and secure device-locking products can give organizations the added layer of protection they need to safeguard both their data and their mobile assets."