(MSPAlliance) – Monday, April 24, 2006 – Basic personal security on the streets is easy to accomplish: check for cars before crossing the road, keep money and credit cards out of view, stay away from suspicious looking people, etc. But technological personal security isn’t so personally ensured in matters such as secret PIN numbers – the process of keeping that number secret ensures personal security in that case.
When money unexpectedly turns up missing from a bank account, customers automatically blame the bank, even though security is a shared responsibility of the bank and cardholder. Cardholders should immediately destroy PIN information once received in the mail, not write down PINs on paper and shield the ATM keypad while entering a PIN for any transaction.
New mobile devices, such as PDAs and BlackBerries, have addressed the reality of doing business in public by making the process more discrete. People can send private e-mails instead of shouting in a crowded bus, and the screens are easy to hide from prying eyes.
Still, in 2000, Quircoca found that three-quarters of respondents to a survey of over 2000 IT professionals thought mobile security was a shared responsibility of employees and businesses, while nearly half thought employees acted “irresponsible” in handling mobile security. In 2005, the firm found that two-thirds of IT professionals rated data falling into the wrong hands from theft or loss of devices as the most important mobile security issue.
Many companies leave smart device security largely in the hands of employees, with the potential privacy and efficiency gains derived from such devices erased by a lax approach. Implementing a mobile security policy is important, but more important is understanding that responsibility is shared.