Mobile Security Threats Put Businesses At Risk

Uploaded on 2018-10-18 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

A significant lack of visibility into devices and networks is putting businesses at risk for data leakage and phishing attacks, according to a study conducted by Enterprise Mobility Exchange.

The study showed that nearly 50 percent of mobile workers spend the majority of their worktime connected to non-corporate public Wi-Fi and carrier networks. Of that 50 percent, over 27 percent claim to connect to non-corporate owned networks more than 76 percent of the time. And, over 60 percent lack tools to audit when a device connects to a third-party network. Over half of the companies were also unsure how to even monitor device data traffic and to which servers users were connected to, beyond their corporate firewalls.

“Our study showed that it’s impossible to devise effective strategies for mitigating mobile security threats if you don’t know what devices are doing for a large part of the time they’re in use,” said Dorene Rettas, Managing Director, Enterprise Mobility Exchange. “Moreover, the widespread use of third-party networks creates a blind spot that needs to be addressed in order to make devices truly secure.”

In addition to data leakage and phishing attacks, other threats such as insecure applications, spyware and network spoofing were also highlighted as top concerns. While most respondents indicated having some level of mobile security policies to mitigate risks, roughly one-third didn’t actively enforce them. Despite the potential for unsafe user behavior that might compromise the security of corporate information, more than a third (36 percent) do not provide employees with security training.

The research also uncovered that, even as organisations recognise the threats, they are somewhat complacent to address them. Nearly half of those who provided an answer (49 percent) could not determine the number of mobile security incidents that took place in the previous year. And 66 percent of the companies do not require users to connect through a secured VPN to access corporate data, jeopardising their internal networks.

“As office and field work continues to demand always-on access to applications, it’s in an organisation’s best interest to provide employees secure access to a variety of Wi-Fi and carrier networks,” added Christopher Kenessey, CEO & President for NetMotion. “But enterprises still have a way to go to ensure visibility and security over device and user behaviour across networks outside the firewall.”

“With a large number of field workers connecting to non-corporate, unsecured networks, organisations need real-time data gathering tools to stay ahead of the security threats in today’s mobile workplace,” said Nick McQuire, Vice President of Global Enterprise Research for CCS Insight. “Visibility and actionable analytics are required for IT organisations to monitor their devices and networks in order to mitigate security risks.”

Help Net Security:

You Might Also Read:

Millions Of WiFi Routers Are At Risk Of Hacking

« Cyberwars Heat Up In AsiaPac To Battle Chinese Aggression
Guide To All Things Criminal On The Web »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CERT-UA

CERT-UA

CERT-UA is the national Computer Emergency Response Team for Ukraine.

Cyberwrite

Cyberwrite

Cyberwrite was founded to provide underwriters around the world a unique and innovative Cyber Underwriting platform.

Sentropi

Sentropi

Sentropi is an online protection solution against charge backs, account takeovers, identity thefts and online scams.

Mitre ATT&CK

Mitre ATT&CK

MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

Penningtons Manches Cooper

Penningtons Manches Cooper

Penningtons Manches Cooper is a leading UK law firm providing high quality legal advice in areas including Data Protection, Cyber Security and Cyber Crime.

Cynterra

Cynterra

Cynterra is a next generation cloud cyber security and data analytical service provider offering cloud security compliance, data protection, visibility and threat protection services.

Point Predictive

Point Predictive

Point Predictive build Predictive Models using Artificial Intelligence and Machine Learning techniques that help our customers stop fraud and early payment default (EPD).

River Loop Security

River Loop Security

River Loop Security specialize in solving complex cybersecurity challenges in the IoT and embedded devices space.

Voodoo Security

Voodoo Security

Voodoo Security is a specialized information security consulting firm focused on security assessments, risk and compliance analysis, and cloud security.

OSIbeyond

OSIbeyond

OSIbeyond provides comprehensive Managed IT Services to organizations in the Washington D.C., MD, and VA area including IT Help Desk Support, Cloud Solutions, Cybersecurity, and Technology Strategy.

Guardian Digital

Guardian Digital

Guardian Digital makes email safe for business. Threat-ready business email protection. Fully supported.

ZARIOT

ZARIOT

ZARIOT's mission is to restore order to what is becoming connected chaos in IoT by bringing unrivalled security, control and quality of service.

Auriga Consulting

Auriga Consulting

Auriga is a center of excellence in Cyber Security, Assurance and Monitoring Services, with a renowned track record of succeeding where others have failed.

CyFox

CyFox

CYFOX is at the forefront of cybersecurity innovation, specializing in providing cutting-edge AI-driven solutions tailored for any businesses.

Halo Security

Halo Security

Halo Security is a fast, easy, and scalable external attack surface management platform that gives security leaders deep visibility into their internet-facing assets.

Hexagate

Hexagate

Hexagate is at the forefront of blockchain threat prevention and automated risk management, proactively detecting and mitigating threats to smart contracts and onchain assets.