By Tomáš Foltýn
Organizations are aware of the “serious and growing
security threat” that mobile devices present in business, and yet many of them
admit that they’re not doing enough to lessen the risks, according to Verizon’s
Mobile Security Index 2018 report.
For 32% of organizations, mobile security takes a back seat to what Verizon called “expediency and business performance”. This is
despite the fact that cyberattacks targeting mobile devices, smartphones in particular, have become all too common in our
increasingly mobile world.
However, the sacrificing of mobile security comes
at a cost. Businesses that had done so were over two times more likely to have
suffered data loss or downtime (45%) than those that had made security
their top concern (19%).
The study surveyed over 600 professionals in the
United States and the United Kingdom who are involved in purchasing and
managing mobile devices for their organizations.
Concerns and precautions
Only one in seven organizations have put in place
all four basic cybersecurity practices specified by Verizon – changing all
default passwords, encrypting data transmitted over public networks, granting
employee access on a need-to-know basis, and testing security systems
regularly.
Only four in ten change all default passwords and
use two-factor authentication on their mobile devices. One-half
don’t have a policy for employees’ use of public Wi-Fi. A mere one-third of the organizations use mobile
endpoint security and less than one-half said that they use device encryption.
“Securing the multitude of mobile devices that
connect to public and private networks and platforms is paramount for
protecting corporate assets and brand integrity,” said Verizon senior vice
president Thomas Fox.
There was almost universal agreement among the
respondents that organizations should take mobile security more seriously. However, most organizations (62%) feel that better
mobile security may be hampered by a lack of understanding of specific threats
and solutions.
Employee misuse,
whether driven by malicious intent or caused by inadvertent error, is seen as a
significant cyber-hazard by almost 80% of the organizations.
The same percentage voiced greater concern about
disruption of their business operations caused by security incidents than about
data theft.
Nearly 40% of organizations that allow employees to
bring their own smartphones and tablets to work view this trend, known as “bring your own
device (BYOD)”, as the source of their top concern.
Lest we forget: three in four respondents
anticipate that the risks will intensify further during the next year.