Save $200 on Top-Notch Cyber Security Training at SANS Dallas Fall 2018. Ends 10/3.


Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

NEW SANS Survey Finds That Many Corporate and Employee Computing Devices Remain Unsecured

Laptops/Desktops Still Most Used Mobile Devices; Lack of Management a Concern; Encrypted USB Devices and Windows To Go Offer Secure Options

  • Bethesda, MD
  • May 11, 2015

A new SANS survey, Securing Portable Data and Applications on Enterprise Mobile Workspaces, has found that, 84% of mobile workers are using organization-supplied laptop and desktop computers, many of which are not provided with managed security, as their primary access to work.

The usage pattern is important because many organizations appear to be underestimating the security risks posed by unmanaged laptops and desktops used by mobile workers to access enterprise applications and data.

Based on survey data, mobile workers use laptops and desktops for a lot of their work. But securing that environment for mobile workers is a challenge. USB devices and Windows To Go features are two options for providing such an environment.

"Even with many employees doing their work on unsecured or unmanaged laptops or desktops, many companies limit the use of USB devices, which could help provide data protection," says SANS Analyst Jacob Williams. "But fewer than half of those have technical controls to help enforce the policies. And, most don't encrypt the USBs, which opens a sizable potential data breach vector."

In fact, only 7% of organizations with 500-10,000 employees and just 13% with more than 10,000 employees encrypt their USB devices. "No technical controls means disaster when we note the very low rates of removable device encryption," says Williams. "This is especially true because respondents also identified lost removable devices as a security concern--one that is largely mitigated when technical controls enforce the use of only encrypted removable media."

Windows To Go features offer a safer means of replicating the laptop/desktop environment while enabling mobility. Although only 56% of respondents are familiar with the features, they represent another avenue available to secure the work environment of the mobile workforce.

Full results will be shared during a May 21, 2015 webcast at 1 PM EDT, sponsored by IronKey by Imation, and hosted by SANS. Register to attend the webcast at

Those who register for the webcast will also receive access to the published results paper developed by technology author Jaikumar Vijayan and SANS Analyst and information security expert, Jacob Williams.


Got portable data (USB) security concerns? Find solutions in free webcast on 5/21 with @IronKeySecurity.

BYOD is about more than phones and tablets. Learn more on May 21 at 1 pm EDT. #infosec #MobileSecurity

SANS Media Contact

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 60 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates a practitioner's qualifications via over 30 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (