Enterprise security report says mobile workers put data at risk
|Christian Hargrave in Security Wednesday, October 10, 2018|
50 percent of mobile workers are using non-corporate networks to work according to a new study named the Greatest Mobile Security Threats in the Enterprise.
According to a new study titled Greatest Mobile Security Threats in the Enterprise, a significant lack of visibility into devices and networks is putting businesses at risk for data leakage and phishing attacks. The study, conducted by Enterprise Mobility Exchange and commissioned by NetMotion Software, showed that nearly 50 percent of mobile workers spend the majority of their work time connected to non-corporate public Wi-Fi and carrier networks. Of that 50 percent, over 27 percent claim to connect to non-corporate owned networks more than 76 percent of the time. And, over 60 percent lack tools to audit when a device connects to a third-party network. Over half of the companies were also unsure how to even monitor device data traffic and which servers users were connected to beyond their corporate firewalls.
“Our study showed that it’s impossible to devise effective strategies for mitigating mobile security threats if you don’t know what devices are doing for a large part of the time they’re in use,” said Dorene Rettas, Managing Director, Enterprise Mobility Exchange. “Moreover, the widespread use of third-party networks creates a blind spot that needs to be addressed in order to make devices truly secure.”
Insecure applications, spyware, and network spoofing
In addition to data leakage and phishing attacks, other threats such as insecure applications, spyware, and network spoofing were also highlighted as top concerns. Although while most respondents indicated having some level of mobile security policies to mitigate risks, roughly one-third didn’t actively enforce them. Despite the potential for unsafe user behavior to compromise the security of corporate information, more than a third (36 percent) do not provide employees with security training.
The research also uncovered that, even as organizations recognize the threats, they are somewhat complacent to address them. Nearly half of those who provided an answer (49 percent) could not determine the number of mobile security incidents that took place in the previous year. And 66 percent of the companies do not require users to connect through a secured VPN to access corporate data, jeopardizing their internal networks.
“As office and field work continues to demand always-on access to applications, it’s in an organization’s best interest to provide employees secure access to a variety of Wi-Fi and carrier networks,” added Christopher Kenessey, CEO & President for NetMotion. “But enterprises still have a ways to go to ensure visibility and security over device and user behavior across networks outside the firewall.”
“With the large number of field workers connecting to non-corporate, unsecured networks, organizations need real-time data gathering tools to stay ahead of the security threats in today’s mobile workplace,” said Nick McQuire, Vice President of Global Enterprise Research for CCS Insight. “Visibility and actionable analytics are required for IT organizations to monitor their devices and networks in order to mitigate security risks.”
The Greatest Mobile Security Threats in the Enterprise study was conducted in the United States in July and August 2018. It reached more than 130 respondents at companies with corporately owned mobile devices (phones, tablets, laptops) across financial, government, warehousing, and other industries.
Are you paying more taxes than you have to as a developer or freelancer? The IRS is certainly not going to tell you about a deduction you failed to take, and your accountant is not likely to take the time to ask you about every deduction you’re entitled to. As former IRS Commissioner Mark Everson admitted, “If you don’t claim it, you don’t get it.
Get hands-on experience in performing simple to complex mobile forensics techniques Retrieve and analyze data stored not only on mobile devices but also through the cloud and other connected mediums A practical guide to leveraging the power of mobile forensics on popular mobile platforms with lots of tips, tricks, and caveats.
Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.