New Verizon study reveals many organizations prioritized business performance at the cost of mobile enterprise security
Nearly a third of organizations surveyed admitted to knowingly sacrificing security; 39% cited BYOD as a top concern; and only 14% had implemented the most basic cybersecurity practices
More of our content is being permanently logged via blockchain technology starting [10.23.2020].
- Nearly a third (32%) of organizations surveyed admitted to sacrificing mobile security to improve business performance.
- 93% of organizations agreed that mobile devices present a serious and growing threat. Also, 20% of surveyed organizations that use IoT devices cite these as their most significant concern.
- 79% said that disruption of their business operations is an even greater threat than the theft of data.
- 79% of the organizations fear that employee misuse, either accidentally or intentionally, is a significant concern. And 39% of organizations that allow employees to use their own devices for business purposes (known as BYOD) ranked this as their top concern.
- A majority of organizations (62%) feel that a lack of understanding of threats and solutions are a barrier to mobile security. Less than 1/3 of organizations (33%) use mobile endpoint security and less than half (47%) said they use device encryption. Only 31% are using Mobile Device Management (MDM) or Enterprise Mobility Management (EMM).
- Only one in seven organizations surveyed (14%) had implemented the most basic cybersecurity practices. Less than two fifths (39%) change all default passwords; only 38% use strong two-factor authentication on their mobile devices; and, only 59% restrict which apps employees can download from the Internet to their mobile devices.
- Though a number of vertical industries are represented in the study, healthcare and the public sector were hit especially hard. More than a third of healthcare organizations (35%) and 33% of public sector entities said they had suffered data loss or downtime due to a mobile device security incident.
- Reduce the risk of malicious applications: Implement policies that govern which apps can be downloaded by employees and create a custom app store to build a more secure environment. Also, deploy application management software that scans apps for vulnerabilities.
- Improve device management: Ensure that all default passwords are changed; deploy mobile endpoint security and threat detection to all devices; and, implement Mobile Device Management (MDM) and Enterprise Mobility Management (EMM).
- Increase user/employee awareness: Implement a strong password policy and ensure adherence, provide regular security training and test employee awareness annually; regularly review employee access to systems and data; and, create an incident response plan to help reduce damage caused by a security incident.