Pointsec Mobile Technologies and Infosecurity Europe, who commissioned the survey, said that PDA owners commonly download the contents of their personal and business lives on to the machines, but many users fail to encrypt or password-protect the information, which can include PIN numbers, customer details, credit and social security details.
The survey found that one in four users are not bothering to protect their device with a password, even though a third of them use it to store confidential corporate information and to access corporate networks. Ten percent of PDA users keep their bank account details on their devices.
The survey also found that four out of five people who use their devices to store social security and Inland Revenue details do not encrypt this information and three out of ten fail to make use of password protection.
In addition, just over 20 percent of PDAs are company owned, yet two out of three are supplied to employees without any formal usage or policy guidelines in regard to protecting the information stored of them. This might explain the finding that the majority of the 36 percent of those surveyed who download corporate information to their PDAs leave it unencrypted.
Magnus Ahlberg, managing director of encryption company Pointsec Mobile Technologies, told ElectricNews.Net that he believes the situation will get worse before it gets better.
"This survey was conducted among people involved in the IT industry, many of whom are early adopters and know the technology. The situation will deteriorate further once more people with less technical backgrounds begin to use PDAs, particularly when companies start to issue their staff with PDAs as replacements for laptops," commented Ahlberg.
He added that it was vital for companies to institute security measures if they give mobile devices to staff. "As organisations go mobile they need to encrypt their information because, for example, it takes a thief just a few seconds to hot sync information from a PDA using a laptop or PC if it is unencrypted and not password-protected," remarked Ahlberg.
Companies may not have put in place such guidelines, he said, because PDA security is an issue that is only now gaining attention. Furthermore, IT departments often find themselves "swamped" with the security implications of other new technologies.
The survey was conducted among 332 IT and sales personnel in the UK, 43 percent of whom worked for companies employing more than 1,000 staff.
|