Fewer than 40 per cent of companies enforce a security policy for employees with mobile devices, an industry report has found.

Worse still, 35 per cent of general managers believe that a security policy for mobile use is not vital, and one in five IT managers agree with them, according to figures from the Securing The Enterprise study released by Orange Business Services. 

"Organisations and the individuals they employ have to take mobile security seriously while still ensuring that they can take advantage of the benefits," said the report.

"At a strategic level this means that the organisation must do its utmost to set out the intent of securing its business processes and resources in the form of a policy, and ensure that this policy is well understood by all those it affects."

However, the study concluded that if security is managed properly, the risks are acceptable given the possible gains for a company.

"There is no doubt that taking access to corporate IT systems and sophisticated communications tools outside the physical confines of the office exposes the organisation, and in some cases the individual employee, to greater risk, but this has to be offset by the value returned," the report said.

The survey was carried out by analyst firm Quocirca on behalf of Orange Business Services.