It’s very likely employees are uploading work to Dropbox and Box.net without consent.
Opposition from employees and unenforceable smartphone protections are the two biggest headaches for government information technology officials attempting to execute a mobile security strategy, according to new research.
Even before the recent iCloud hacks bared celebrities' explicit selfies, there were concerns about agency personnel uploading work to vulnerable cloud locations.
For example, about 63 percent of government IT managers recently polled by the Ponemon Institute said there is a high likelihood employees might move business information to Internet locations such as Dropbox or Box.net without the knowledge or consent of the agency.
Governmentwide, senior civilian and military officials are pushing employees on to smartphones and tablets to boost output and creativity.
But IT managers are divided on whether security is an integral part of their agency's overall mobile adoption strategy -- with 45 percent saying it is not at their department and 49 percent saying it is. The data comes from a Ponemon study slated for release today.
When asked to pick the two biggest barriers to achieving an effective mobile security strategy, 52 percent of agency IT managers answered staff resistance, and 49 percent said the inability to impose a mobile-device use policy on workers.
In addition, more than half of respondents said they were not satisfied with the current solution used to secure their employees’ mobile devices.
Nearly half said their security budgets were insufficient to minimize or stop threats caused by insecure apps, devices and operating systems, according to the survey, which was conducted in July.
Feds Still Slow Adopters of Mobile
Despite excitement over the growing use of more portable productivity machines, agencies are moving more cautiously than the corporate world to replace PCs with smartphones and tablets.
About one quarter of the government workforce, 27 percent, does all its work on mobile devices -- compared to 33 percent of workforces across all sectors. Within the next year, the number of government personnel expected to forgo PCs should increase to 35 percent, with 47 percent of workers nationwide relying solely on mobile devices.
The survey did not distinguish between government-issued devices and Bring Your Own Device electronics, which are personally-owned devices that employees use for work. It is believed participants were using a mix of BYOD and government devices.
Raytheon sponsored the independently conducted study.
Most respondents said malicious software and poor security hygiene on the part of the employee present the greatest mobile security risk for their agency. Malware, for example, can let hackers access contact lists stored on a smartphone or tablet.
When asked about the chances that staff will circumvent security rules, 20 percent of government officials said this type of “jailbreaking” is a big threat, while less of the overall survey population -- 13 percent -- said circumvention is a great danger.