Mobile Security - Managing the Evolving Threat Landscape
As we’ve learned from 2014, employees are the biggest risk to corporate data! A large part of the mobile workforce has accessed corporate data via free Wi-Fi hotspots and unsecured networks. The need for access to documents seems to outweigh an employees fear of security risks and many will adopt measures (including Shadow IT), to acquire corporate information regardless of location and risk.
According to new data from a recent global snapshot survey we've commissioned, there is a clear disconnect between a business' best efforts to protect its data and the common mobile workforce behaviors that pose a significant risk to organizations. SOTI polled IT and security experts separately from consumers to gauge the actions and attitude toward corporate security and protecting corporate data.
Employees continue to be the biggest risk to corporate data
Our global snapshot reveals that employees tend to participate in many behaviors that may result in corporate data loss.
· 77 percent of employees reported they use their personal device to access work data
· More than 70 percent of consumers accessed corporate data from a free or public Wi-Fi connection
· Nearly 65 percent use consumer cloud storage such as DropBox, Google Drive or SkyDrive for work files
· Over 60 percent of consumer respondents have forwarded work documents or files to a personal email address
· More than 60 percent of employees have taken a photo of collaborative work on whiteboards or flipcharts
· Nearly 68 percent of respondents receive a mobile device from their company. However, nearly 78 percent of those employees still use a personal device to access corporate work data
The disconnect between IT and Business is real
· Almost one-third of IT professionals reported that accidental data exposure is the top security threat compared to only 16 percent for phishing, outside hackers and government spying.
· 60 percent of enterprises have actively prevented a data breach, but less than 50 percent have a mobility strategy. This highlights a significant blind spot on mobile threat vectors because only 34 percent are using an enterprise mobility management solution.
· 67 percent of IT professionals listed device theft as one of the top user behaviors that concerned them most. However, less than seven percent of consumers have lost a device.
· There is considerable pull for attention on which threat vectors to target. 36 percent of IT professionals have targeted mobile application vulnerabilities as a top priority over the last 12 months. An equal number also reported that Internet of Things technologies, such as Bluetooth-connected smart devices, increased in priority.
· While 80 percent of consumers are allowed to use corporate-issued devices over public or free Wi-Fi, only 66 percent are allowed to access corporate-owned services over those connections.
Ignorance isn't bliss
With all the risky behavior employees are participating in, it's quite surprising that nearly 60 percent of IT respondents report that their organization DOES NOT have a mobile strategy.
“Being able to see the disconnect between what users really do and what their IT departments hope for shines a bright light on how both groups can protect themselves from their respective blind spots,” SOTI CEO Carl Rodrigues said. “Ignorance is not a strategy, and with the number of connected devices that will increasingly connect to corporate networks, IT needs to proactively build their arsenal of defenses to protect from the new frontier of enterprise threats.”
Are you interested in learning more about Mobile Security? We have a wealth of information and additional resources available:
On demand Webinar - The Trojan in Your Pocket
Global Snapshot Infographic
SOTI Mobile Security Page
Are you an IT professional? What's your experience with mobile security? We'd love to hear from you.