Mobile devices are no longer safe from being hacked. And using a smartphone for workplace-related tasks could be putting you, and your company, at risk.
That's according to a new study from the Ponemon Institute, a data protection research organization. Ponemon surveyed 588 IT and IT security professionals in the U.S. employed at Global 2000 companies. Those professionals monitor or enforce the security of mobile devices used in the workplace.
A staggering 67% of respondents said it was "certain or likely that their organization had a data breach as a result of employees using their mobile devices to access the company’s sensitive and confidential information."
This survey directly contradicts an earlier study, which found data breaches via smartphone to be practically non-existent.
How is this happening?
In the case of the Ponemon study, malware is the main culprit.
"On average, organizations represented in this study have 53,844 mobile devices in use by employees," the study's authors wrote. "An average of 3% of employees’ mobile devices or approximately 1,723 devices are believed to be infected with malware at any point in time."
Through malware on mobile devices, hackers can gain access to employee credentials and obtain sensitive and confidential company data.
And yet, there isn't a lot being done about it.
Even though few mobile devices are believed to be infected with malware, those that are probably aren't getting fixed. Just 26% of infected phones get investigated or triaged, according to the report.
What kind of information is exposed?
IT security is largely in the dark about what employees access on their phones.
But many employees say they have access to sensitive work-related data like personally identifiable information, contact lists, customer records, payment information and confidential or classified documents.
Companies are losing money
It costs a company an average of $9,485 per mobile device infected with malware, according to the report.
And if a hacker steals confidential or sensitive company info, it can cost even more -- $21,042 on average.
What should you do?
Talk to your company about securing your mobile device with measures like data encryption, anti-malware software, jailbreak/root detection and other measures. And ask your company about security protocols for mobile data breaches.
Follow me on Twitter: @MitchStrohm