Mobile security in poor health

Companies nervous about losing confidential data from portable devices and getting return on investment from mobile roll-outs.

Poor security continues to hamper the rollout of mobile systems to staff, according to experts, who last week reiterated the need to encrypt all data stored on notebook PCs, handheld devices and smartphones.

Speaking at last week’s Mobility Summit in London, David Kemper, vice-president of technologies at American Express, predicted that “software that won’t run on encrypted databases is not going to sell”.

Some attendees highlighted the lack of any clearly definable return on investment (ROI) for mobile systems as a problem for some firms, while others said the need for extensive training for staff is also a barrier to adoption.

Kemper’s comments on security follow the publication last month of Mobile Device Usage in the Healthcare Sector, a survey carried out by Pointsec Mobile Technologies and the British Journal of Healthcare Computing & Information Management.

The researchers said almost two-thirds of the devices used within the NHS had inadequate or no security and that half of NHS employees used their own equipment to store data, breaching basic security practices.

The 117 respondents included information managers, IT managers and other medical professionals, and a quarter were suppliers. About half of the medical professionals carried patient records on mobile devices that included USB memory sticks and data cards.

“Mobile devices seem to be falling through the security net; it is very easy to steal or pick one up and access the information for ill purposes,” said Martin Allen, managing director of Pointsec Mobile Technologies UK.