Results Of IPhone Security Readiness Poll Point To Lack Of Preparedness

Today, DeviceLock, Inc., a worldwide leader in endpoint data leak prevention software solutions, announced the results of its iPhone security readiness poll, which found few respondents taking action to combat the threat posed by the increased use of iPhones in the workplace. In the seven months of data collection, over 1000 responses were posted to the survey question, “Have you taken any steps to secure your business against the security threat posed by iPhones?" Resembling the distribution of DeviceLock’s user base, the geographic plot of the responses was predictably spread around the world; about two-thirds came from North America and Western Europe with the other one-third originating in Eastern Europe, the Middle East and Asia Pacific regions. Less than 40% of all respondents answered affirmatively to the survey's question;  and, willingness to admit that the iPhone threat is a “back-burner issue” appears to be especially prevalent in Western World regions like North America and Western Europe, where only about 25% of respondents answered ‘Yes’ to the question. This tendency was not seen in the one-third sample coming from regions to the East.  Viewed as a whole, Eastern Europe, Middle East and Asia Pacific regions registered close to a 60% ‘Yes’ response to the question. 
“While this website-administered poll has inherent limitations, the results do suggest that the iPhone threat to data security is being generally underestimated,” said Alexei Lesnikh, Business Development Manager at DeviceLock. “Given the iPhone platform’s consumer popularity and robust development community, its launch into the workplace is inevitable”. 
“The variation in how the well-developed IT markets of the West view the iPhone threat versus the emerging IT markets of the East may be because Enterprise IT planners in the West are relying on the already-entrenched vendors, such as RIM and Microsoft, to ‘have their backs’ and not introduce such a device without the necessary security hooks in place for device-related policy enforcement and encryption,” suggests Alexei Lesnikh. “However, the Apple iPhone development community has less to lose, and may get there first.  Meanwhile, IT planners in the emerging markets are, by virtue of economic necessity and down-sized expectations, already closer to the ‘convergence dream’ of doing everything they might otherwise do with a laptop with a phone, so they are just quicker to recognize the strength of the iPhone as a corporate contender.  We’re encouraging DeviceLock customers and prospects around the world to take precautions with regard to iPhones in the workplace,” he explains.
As with previous waves of convenient devices that infiltrated the workplace—from CD-ROMs, to personal printers, to thumb drives—the iPhone offers gains in flexibility and productivity, along with greater risk of disastrous data leaks from corporate endpoint computers.  History has proven that the best strategy for enterprise IT teams is to set clear policies with regard to new devices and to tool-up to enforce them.  The particular risk with mobile communications devices like the iPhone is that an employee can run a local synchronization for data transfer, completely bypassing the corporate network and any network-based security solutions.  With DeviceLock in place, IT security organizations can impose a “least privilege” mobile device policy that limits data exchanges to only specific iPhones and to only the types of data required for exercising an employee’s business duties.