After studying 10 years of data breach information, a global security firm released a report that reveals interesting new information about cybersecurity threats.
One statistic that may surprise you is that 41 percent of breaches occurred after the loss of an employee's laptop, mobile device, or thumb drive that contained sensitive information. Breaches from malware and hacking come in second at 25 percent, followed by unintended disclosure (17 percent), insider leaks (12 percent), and payment card fraud (1 percent).
Although the report's author believes that data breaches are essentially unavoidable, organizations can use studies like this one to reduce their risk of incurring significant damage. Patrick Nelson "More data breaches caused by lost devices than malware or hacking, Trend Micro says,"http://www.networkworld.com/ (Oct. 5, 2015).
The above study underscores the importance of developing a mobile device usage policy that is clear and easy to follow. It is certainly a best practice to limit the amount of sensitive information employees can store on a mobile device, as this will mitigate the potential damage when the device is lost or stolen. However, user vigilance is crucial.
The Federal Communications Commission advises mobile device users to evaluate their surroundings before using their device in public places, and be discreet if in an insecure area. In addition, always keep your device with you when in public, and never leave it visible inside a locked car.
Organizational policy should require all mobile devices used for work to be password protected and secured with anti-theft software capable of locating the device and remotely wiping sensitive data. Also, make note of the device's make, model number, serial number, and unique device identification number (IMEI, MEID or ESN). This information can be valuable in your recovery efforts.