A recent iPass survey of more than 1,700 mobile professionals worldwide found that while half of respondents said their company allows them to use personal devices to access corporate data via public Wi-Fi, fully 38 percent have never used a VPN to protect their data.
The survey also found that 42 percent of respondents admitted to accessing company data over public Wi-Fi, even though 66 percent worry about data security when using free Wi-Fi hotspots.
When asked what they would worry about if their mobile device were lost or stolen, just 9 percent listed corporate data loss. Almost half said they would worry about losing their photos, and 57 percent said they would worry about losing contact information.
"Unfortunately, the priorities of companies and their employees seem to be worlds apart," iPass chief commercial officer Patricia Hume said in a statement. "Employees have vast troves of valuable data on their smartphones, but are considerably less concerned about losing sensitive corporate data than they are about losing their personal information."
"It's clear that companies still need to do a lot more to educate their employees regarding mobile security risks and provide robust safe usage guidelines," Hume added.
A recent Xirrus survey of more than 2,000 executives and IT professionals came to an even more disturbing conclusion -- while 91 percent of respondents told Xirrus they don't believe public Wi-Fi is secure, 89 percent said they use it anyway.
Forty-eight percent of Wi-Fi users said they connect to public Wi-Fi at least three times per week, and 31 percent do so daily. When on public Wi-Fi, 43 percent of respondents said they access work/job-specific information.
Notably, 46 percent of respondents said their company hasn't offered cyber security training in the past year.
"Businesses not only have a corporate responsibility responsibility to educate their users of the risks associated with connecting to public Wi-Fi, but also to give them the necessary tools to avoid attacks," Morgan Wright, senior fellow at the Center for Digital Government, said in a statement.
A recent eSecurity Planet article looked at the importance of providing user security training.