How real is the mobile security threat? Breaking down the concerning stats…
An urgent look at the alarming stats concerning mobile security
With the global mobile workforce set to increase to 1.88 billion in 2023 (43% of the workforce) and the rapid pace of mobile device development, business leaders and IT staff are gearing up to meet the increasing challenges of mobile device security.
From personal phones to work tablets, many of us today are accustomed to using mobile devices for checking emails at home, video calling colleagues, or browsing work files while out of the office. But does a mobile way of working pose a security threat to your business, and should you be taking steps to combat mobile security weaknesses?
What’s At Stake?
More data than ever before is being consumed on mobile devices. In 2016 mobile data usage overtook desktop data usage for the first time and shows no signs of slowing down. Increasingly this data isn’t coming from the organisations “locked down” internal networks but from a cloud-based service – think Salesforce CRM or any other number of business applications. With more companies embracing Bring Your Own Device (BYOD) policies this creates a perfect storm of factors that dramatically increase the potential for corporate data leaking, either accidentally or maliciously.
Regulations like GDPR put a steep penalty on any business that doesn’t secure customers’ data correctly, including significant financial fines. However, as many large organisations have experienced, the reputational damage that businesses suffer from losing sensitive data can have even bigger consequences, slashing confidence in your business and costing you long into the future.
Alongside the issue of data leakage there are an increasing range of external mobile security threats. Although cyber-security practices are well-developed in traditional IT, statistics paint a concerning picture about the state of mobile device security. For larger businesses that offer staff a wide degree of device freedom, the threat is even more pronounced. If your employees are routinely accessing corporate data through mobile devices on the go, putting the right security measures in place is absolutely vital if you’re to avoid a data breach in the near future.
Figures from Ireland reveal that 18% of mobile devices undergo a ‘security incident’ each month, 12% have visited websites containing malware, and 2% have accessed known phishing websites. It only takes one incident on a device connected to your business to result in potentially damaging consequences. These figures prove how even a security conscious business can be undone by employee behaviour (often with the best intentions) and inadequate mobile security policies.
What You Can Do
There’s plenty that your business can and should do to counter a range of security threats in what we call the DNA of mobile security – Device, Network and Applications.
From a device perspective simple steps like ensuring devices have the latest operating systems and aren’t “jailbroken”, putting in place complex pin-codes or biometric authentication and having the ability to remotely lock and wipe devices is a great start. All of this can be achieved with the right Enterprise Mobility Management (EMM) solution.
From a network perspective the biggest threat is unsecured and risky Wi-FI hotpsots – we’ve covered this topic in some detail in our recent blog here. To counter this you’ll need to be using VPNs or Mobile Threat Defence software with specific protection built-in. To protect against malicious application installations or applications that have the potential to leak data you’ll need the application reputation and scanning capability that many Mobile Threat Defence solutions incorporate.
While the right technology is critical to provide protection for your employees and make it as hard as possible for them to get caught out or do the wrong thing, you can’t ignore the human factor. Employee training can go a long way towards protecting your business from threats. Raising awareness of practices such as mobile phishing and educating employees on how to identify and avoid phishing scams, untrustworthy links and suspicious downloads is a great start point.
At CWSI we partner with the leading Mobile Threat Defence providers including MobileIron, Wandera, Checkpoint, Lookout and Corrata, all of whom feature in Gartner’s recently published 2018 Market Guide to Mobile Threat Defense. Whatever vendors you might be considering, we can help. CWSI’s Colm Warner has put together a series of blog posts on Mobile Threat Defence in the Real World and How to Plan your Mobile Threat Defence Deployment. If you’re unsure how to tackle mobile threats, then contact us today to arrange a consultation with one of our expert team.