SANS Survey Results Announced: Mobility Policy in the Enterprise

17 Oct, 2012, 18:27 ET from SANS Institute

BETHESDA, Md., Oct. 17, 2012 /PRNewswire-USNewswire/ -- During a two-part webcast series held on October 23 and October 25, 2012, SANS Institute will release the results of its second survey this year on mobility security in the enterprise. This new survey, which had 649 respondents, focuses on policies organizations are deploying to protect their sensitive data and meet compliance in a more mobile world with employee-owned devices.

"The majority of respondents—97 percent—felt that integrating a mobile and BYOD security policy into their existing security management programs is important or extremely important," says Deb Radcliff, SANS Analyst Program executive editor. "This is not surprising given that new mobile vulnerabilities and exploits are discovered every day."

But when it comes to developing programs around their employee, contractor and partner's mobile usage and apps being accessed, only 30% of respondents felt confident or very confident in their programs. "That's a big window of opportunity for attackers," Radcliff adds.

This survey on policy and management follows a first SANS mobility security overview survey released in March 2012. In that survey, respondents indicated only a vague awareness of their employee-owned devices (9% felt certain they knew what devices were connecting to their resources).

"Six months after our original survey, we already see improvement in BYOD policies and understanding of controls necessary to support them," says Kevin Johnson, author of the SANS Mobile Device Security course and co-author of the survey whitepaper to be released during the October 25 webcast.

Find out how policies are improving and what controls are working—and not working—to securely facilitate a more mobile workforce with multiple employee-owned devices.

The paper will be released during the October 25 webcast and also will be posted in the SANS reading room. Those who register for the webcasts will receive an advanced copy. For more information or to register for the webcasts, please visit:

About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and by far the largest source for information security training and security certification in the world. In addition to world-class training, SANS offers certification via the ANSI accredited GIAC security certification program. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, newsletters, and it operates the Internet's early warning system—the Internet Storm Center. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community.