Mobile Security Threats Put Businesses At Risk

Uploaded on 2018-10-18 in TECHNOLOGY--Hackers, NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

A significant lack of visibility into devices and networks is putting businesses at risk for data leakage and phishing attacks, according to a study conducted by Enterprise Mobility Exchange.

The study showed that nearly 50 percent of mobile workers spend the majority of their worktime connected to non-corporate public Wi-Fi and carrier networks. Of that 50 percent, over 27 percent claim to connect to non-corporate owned networks more than 76 percent of the time. And, over 60 percent lack tools to audit when a device connects to a third-party network. Over half of the companies were also unsure how to even monitor device data traffic and to which servers users were connected to, beyond their corporate firewalls.

“Our study showed that it’s impossible to devise effective strategies for mitigating mobile security threats if you don’t know what devices are doing for a large part of the time they’re in use,” said Dorene Rettas, Managing Director, Enterprise Mobility Exchange. “Moreover, the widespread use of third-party networks creates a blind spot that needs to be addressed in order to make devices truly secure.”

In addition to data leakage and phishing attacks, other threats such as insecure applications, spyware and network spoofing were also highlighted as top concerns. While most respondents indicated having some level of mobile security policies to mitigate risks, roughly one-third didn’t actively enforce them. Despite the potential for unsafe user behavior that might compromise the security of corporate information, more than a third (36 percent) do not provide employees with security training.

The research also uncovered that, even as organisations recognise the threats, they are somewhat complacent to address them. Nearly half of those who provided an answer (49 percent) could not determine the number of mobile security incidents that took place in the previous year. And 66 percent of the companies do not require users to connect through a secured VPN to access corporate data, jeopardising their internal networks.

“As office and field work continues to demand always-on access to applications, it’s in an organisation’s best interest to provide employees secure access to a variety of Wi-Fi and carrier networks,” added Christopher Kenessey, CEO & President for NetMotion. “But enterprises still have a way to go to ensure visibility and security over device and user behaviour across networks outside the firewall.”

“With a large number of field workers connecting to non-corporate, unsecured networks, organisations need real-time data gathering tools to stay ahead of the security threats in today’s mobile workplace,” said Nick McQuire, Vice President of Global Enterprise Research for CCS Insight. “Visibility and actionable analytics are required for IT organisations to monitor their devices and networks in order to mitigate security risks.”

Help Net Security:

You Might Also Read:

Millions Of WiFi Routers Are At Risk Of Hacking

« Cyberwars Heat Up In AsiaPac To Battle Chinese Aggression
Guide To All Things Criminal On The Web »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CyberDefenses

CyberDefenses

CyberDefenses services combine best-in-class cybersecurity oversight, managed services and training to help our clients truly address their cybersecurity challenges.

2Secure

2Secure

2Secure is one of Sweden's largest private security companies. Service inlcude personal security, corporate security, information and cyber security.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Mexis

Mexis

TCPWave

TCPWave

TCPWave IPAM is the world’s first acclaimed DNS/DHCP management software to pass the most stringent Information security tests.

EU Joint Research Centre

EU Joint Research Centre

JRC is the European Commission's science and knowledge service which employs scientists to carry out research in order to provide independent scientific advice and support to EU policy.

African Cyber Security

African Cyber Security

African Cyber Security and it's partners, have the expertise and skills to provide holistic solutions for companies, institutions and government.

JobStreet.com

JobStreet.com

JobStreet is one of Asia’s leading online employment marketplaces in Malaysia, Philippines, Singapore, Indonesia and Vietnam.

Phy-Cy.X Security Group

Phy-Cy.X Security Group

Phy-Cy.X specialize in the “Physics” of Information Security through both physical and cyber domains. We are not an IT company, we ARE an Information Security company.

National Institute for Research & Development in Informatics (ICI Bucharest)

National Institute for Research & Development in Informatics (ICI Bucharest)

ICI Bucharest is the most important institute in the field of research, development and innovation in information and communication technology (ICT) in Romania.

Bright Security

Bright Security

Bright Security is a developer-centric Dynamic Application Security Testing (DAST) solution that helps organizations ship secure applications and APIs quickly and cost-effectively.

Kiteworks

Kiteworks

Kiteworks (formerly Accellion) creates a dedicated Private Content Network that ensures zero-trust private content protection and compliance.

Otava

Otava

Otava is a global leader of secure, compliant hybrid cloud and IT solutions for service providers, channel partners and enterprise clients.

Mayer Brown

Mayer Brown

Mayer Brown is a global law firm. We have deep experience in high-stakes litigation and complex transactions across industry sectors including the global financial services industry.

HaystackID

HaystackID

HaystackID provides industry-leading computer forensics, eDiscovery, and attorney document review experts to help with complex, data-intensive investigations and litigation.

Northern Computer

Northern Computer

Northern Computer provides comprehensive IT solutions that streamline your operations and help you achieve your business goals.