New Verizon study reveals many organizations prioritized business performance at the cost of mobile enterprise security
Nearly a third of organizations surveyed admitted to knowingly sacrificing security; 39% cited BYOD as a top concern; and only 14% had implemented the most basic cybersecurity practices
Our editorial transparency tool uses blockchain technology to permanently log all changes made to official releases after publication.
More of our content is being permanently logged via blockchain technology starting [10.23.2020].
- Nearly a third (32%) of organizations surveyed admitted to sacrificing mobile security to improve business performance.
- 93% of organizations agreed that mobile devices present a serious and growing threat. Also, 20% of surveyed organizations that use IoT devices cite these as their most significant concern.
- 79% said that disruption of their business operations is an even greater threat than the theft of data.
- 79% of the organizations fear that employee misuse, either accidentally or intentionally, is a significant concern. And 39% of organizations that allow employees to use their own devices for business purposes (known as BYOD) ranked this as their top concern.
- A majority of organizations (62%) feel that a lack of understanding of threats and solutions are a barrier to mobile security. Less than 1/3 of organizations (33%) use mobile endpoint security and less than half (47%) said they use device encryption. Only 31% are using Mobile Device Management (MDM) or Enterprise Mobility Management (EMM).
- Only one in seven organizations surveyed (14%) had implemented the most basic cybersecurity practices. Less than two fifths (39%) change all default passwords; only 38% use strong two-factor authentication on their mobile devices; and, only 59% restrict which apps employees can download from the Internet to their mobile devices.
- Though a number of vertical industries are represented in the study, healthcare and the public sector were hit especially hard. More than a third of healthcare organizations (35%) and 33% of public sector entities said they had suffered data loss or downtime due to a mobile device security incident.
- Reduce the risk of malicious applications: Implement policies that govern which apps can be downloaded by employees and create a custom app store to build a more secure environment. Also, deploy application management software that scans apps for vulnerabilities.
- Improve device management: Ensure that all default passwords are changed; deploy mobile endpoint security and threat detection to all devices; and, implement Mobile Device Management (MDM) and Enterprise Mobility Management (EMM).
- Increase user/employee awareness: Implement a strong password policy and ensure adherence, provide regular security training and test employee awareness annually; regularly review employee access to systems and data; and, create an incident response plan to help reduce damage caused by a security incident.