New research from Kaspersky Lab shows 60 per cent of SMBs have only a basic understanding of what company data is stored on employees’ own mobile devices. A recent study by TNS Infratest found that despite the overwhelming BYOD trend in business, only 35 per cent of IT managers admitted to having strict enough rules and policies in place to provide an accurate overview of company information contained on personal devices. As more employees use their own devices for business purposes, a lack of knowledge on the security implications of BYOD is presenting serious risks. With 525,000 mobile phones reported stolen in 2011/2012 as part of the Crime Survey for England and Wales, businesses can face company data falling into the wrong hands if not effectively managed. In the absence of a clear overview of what company data was on any lost or stolen device, it becomes difficult for IT managers to manage the potential repercussions. ‘You only need to look at the statistics showing the number of devices lost or stolen each year to see why it is so important for SMBs to have an accurate overview of what company information employees have on personal devices,’ states David Emm, senior security researcher, Kaspersky Lab. ‘Only when clear BYOD rules are in place can adequate steps be taken to build a robust security solution should a device be lost or stolen. To best protect data a policy should include file encryption, blocking access to the corporate network and, in the best case, wiping all data on the device.’ Encryption of data on devices is one of the most effective measures, but modern solutions also offer remote data wipe functions and GPS localisation of lost devices.