Mobile Security Threats Put Businesses At Risk

A significant lack of visibility into devices and networks is putting businesses at risk for data leakage and phishing attacks, according to a study conducted by Enterprise Mobility Exchange.

The study showed that nearly 50 percent of mobile workers spend the majority of their worktime connected to non-corporate public Wi-Fi and carrier networks. Of that 50 percent, over 27 percent claim to connect to non-corporate owned networks more than 76 percent of the time. And, over 60 percent lack tools to audit when a device connects to a third-party network. Over half of the companies were also unsure how to even monitor device data traffic and to which servers users were connected to, beyond their corporate firewalls.

“Our study showed that it’s impossible to devise effective strategies for mitigating mobile security threats if you don’t know what devices are doing for a large part of the time they’re in use,” said Dorene Rettas, Managing Director, Enterprise Mobility Exchange. “Moreover, the widespread use of third-party networks creates a blind spot that needs to be addressed in order to make devices truly secure.”

In addition to data leakage and phishing attacks, other threats such as insecure applications, spyware and network spoofing were also highlighted as top concerns. While most respondents indicated having some level of mobile security policies to mitigate risks, roughly one-third didn’t actively enforce them. Despite the potential for unsafe user behavior that might compromise the security of corporate information, more than a third (36 percent) do not provide employees with security training.

The research also uncovered that, even as organisations recognise the threats, they are somewhat complacent to address them. Nearly half of those who provided an answer (49 percent) could not determine the number of mobile security incidents that took place in the previous year. And 66 percent of the companies do not require users to connect through a secured VPN to access corporate data, jeopardising their internal networks.

“As office and field work continues to demand always-on access to applications, it’s in an organisation’s best interest to provide employees secure access to a variety of Wi-Fi and carrier networks,” added Christopher Kenessey, CEO & President for NetMotion. “But enterprises still have a way to go to ensure visibility and security over device and user behaviour across networks outside the firewall.”

“With a large number of field workers connecting to non-corporate, unsecured networks, organisations need real-time data gathering tools to stay ahead of the security threats in today’s mobile workplace,” said Nick McQuire, Vice President of Global Enterprise Research for CCS Insight. “Visibility and actionable analytics are required for IT organisations to monitor their devices and networks in order to mitigate security risks.”

Help Net Security:

You Might Also Read:

Millions Of WiFi Routers Are At Risk Of Hacking

« Cyberwars Heat Up In AsiaPac To Battle Chinese Aggression
Guide To All Things Criminal On The Web »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Security Guru

IT Security Guru

IT Security Gurus publish daily breaking news. interviews with the key thinkers in IT security, videos and the top 10 stories as picked by our Editor.

Spanish National Cybersecurity Institute (INCIBE)

Spanish National Cybersecurity Institute (INCIBE)

INCIBE undertakes research, service delivery and coordination for building cybersecurity at the national and international levels.

Nohau

Nohau

Nohau provide services for safe and secure embedded software development.

Onspring

Onspring

Onspring is the cloud-based platform of choice for governance, risk and compliance (GRC) teams and business operations experts across multiple industries.

Cognni

Cognni

Cognni (formerly Shieldox) will make your InfoSec think like a human, right out of the box, so you can focus on the bigger picture, keeping the information flow safe.

ECS

ECS

ECS is a leading information technology provider delivering cloud, cybersecurity, software development, IT modernization, and advanced science and engineering services.

Yaana Technologies

Yaana Technologies

Yaana is a leading provider of intelligent compliance solutions including lawful interception, data retention & disclosure, and advanced security analytics.

International Cybersecurity Institute (ICSI)

International Cybersecurity Institute (ICSI)

ICSI is a UK company offering specialized and accredited professional qualifications in cybersecurity for young IT graduates as well as mature professionals.

FiVerity

FiVerity

FiVerity provides financial institutions with cyber fraud defense to combat a dangerous and growing threat - the convergence of fraud-related theft with sophisticated, high-volume cyber attacks.

US Coast Guard Cyber Command

US Coast Guard Cyber Command

US Coast Guard Cyber Command’s focus is to ensure the security of our cyberspace, maintain superiority over our adversaries,and safeguard our Nation’s critical maritime infrastructure.

Stacklet

Stacklet

Stacklet provides cloud governance as code platform that accelerates how Global 2000 manages its security, asset visibility, operations, and cost optimization policies in the cloud.

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions is an Enterprise Cyber Security Platforms company offering Cyber Security & Technical Education and Compliance & Penetration Testing Services.

Quantum Ventura

Quantum Ventura

Quantum Ventura is a technology innovation company with a single mission of delivering customer-centric advanced solutions to US Federal & State Governments and Private Sector customers.

HIFENCE

HIFENCE

HIFENCE delivers cybersecurity and networking services that make your company safer and more secure. That’s all we do, so you can concentrate on all the things that you do best.

BetterWorld Technology

BetterWorld Technology

BetterWorld Technology provides cloud solutions, managed services, SaaS, cybersecurity and virtual CIO, all customized to meet your needs.

Opal Security

Opal Security

Opal is an identity and access management platform that offers a consolidated view and control of your whole ecosystem from on-prem to cloud and SaaS.