Every year reports come out by major technology companies that look at the latest threats that companies need to be aware of. Mobile technology has been gaining importance in the workplace, and now makes up about 60% of a company’s endpoints.
The fact that mobile devices are now a big part of the business workflow makes Verizon’s 2021 Mobile Security Index report particularly important for companies to take notice of. Mobile security is now a much larger percentage of overall network security than it was just a few years ago.
71% of surveyed professionals say that mobile devices are “very critical to their business.”
The report looks at data across millions of users between January 2019 and December 2020. Also contributing to the report are surveys of 856 professionals in the mobile procurement, management, and security area and 13 security companies and law enforcement agencies.
Mobile devices tend to be the least protected type of device when compared to user workstations, laptops, and servers. Yet, smartphones and tablets now access all the same types of sensitive data and processes.
What You Can Learn from the Mobile Security Report to Bolster Your Cybersecurity
Mobile Device Compromise is Just as Bad as PC Compromise
There’s been a misguided thought that if a mobile device is lost, stolen, or hacked that some limited data might be lost, but that it’s not as bad as when a computer is hacked.
That’s not the case any longer. Just about every major cloud solution has a mobile app version or a browser-based interface that can be accessed from any device.
81% of users prefer opening email on their mobile device rather than a computer.
According to survey respondents some of the consequences of a mobile device breach are:
- Downtime/lost productivity
- Damage to business reputation
- Regulatory penalties
- Loss of business
Graph from Verizon Mobile Security Index 2021
Your Takeaway: Treat mobile devices the same way you do computers when you’re implementing security safeguards like antivirus, cloud access monitoring, etc.
Mobile Devices Are Already Being Targeted
Forty percent of survey respondents identified mobile devices as the #1 IT security threat that businesses face. 53% said their company had already suffered a major security incident because of an unsecured mobile device.
Cyber attackers have already figured out that mobile devices are largely being ignored by many small businesses when it comes to cybersecurity. They aren’t sure how to handle it when asking employees to use their own devices for work and often aren’t aware of the risk they’re taking by not properly monitoring and managing mobile devices.
Your Takeaway: Companies are already largely relying on employees to use personal devices for work. It’s critical to put a mobile device management system in place (like Microsoft Intune) to ensure devices can be updated, locked if stolen, and managed remotely.
Without Enforced Policies, Users Adopt Risky Habits
Users often adopt habits that can put company data at risk. While a person may never dream of visiting a sketchy website on their company workstation, they won’t hesitate to do it via their mobile device used for work.
Some of the troubling user habit statistics that the Verizon report found are:
- 45% of companies that prohibit social media use on company devices know that employees do it anyway.
- Over the last year, there’s been a 600% increase in visits to websites hosting adult content from work devices.
- 54% of companies that saw a security compromise attributed it wholly or in part to user behavior.
- 31% of companies relaxed their restrictions on app downloads during the pandemic.
Your Takeaway: It’s vital to not only have a mobile device use policy in place for employees but to also enforce it. For example, it does no good to require the use of a business VPN to secure mobile connections if you’re not monitoring that it’s being done or have no penalties for lapses.
Unrestricted Cloud Apps Are Becoming a Problem
75% of those surveyed for the report said their company’s reliance on cloud-based apps is only growing. Apps have become a convenient way to get things done on a mobile device, but there are also apps out there that can leak data or that harbor malware.
An innocent-looking task management app that an employee might think would be cool to use, could be hiding spyware behind the scenes.
Even legitimate business apps that have security holes can be a problem. Verizon found that 1 in 25 mobile apps was found to leak credentials.
Your Takeaway: It’s important to fully research any apps your company uses for security flaws before allowing users to install them. Restricting the apps that a user can install on a company device is also vital to avoiding mobile malware.
Do You Have a Solid Mobile Security Strategy in Place?
Rocky Knoll Technologies can help your Charlotte area business review your company’s use of mobile devices and put together a security strategy that won’t leave you at risk of a breach.
Contact us today to schedule a free consultation. Call 704.594.7292 or reach us online.
