Mobile devices have become a large part of the corporate landscape in past years. However, according to Verizon’s 2018 Mobile Security Index, organizations are having difficulty managing the security of mobile devices. While businesses are concerned about security issues, many of them are struggling to keep pace with developments occurring in Enterprise Mobility Management (EMM) as well as with mobile threats. As a preventative measure, we’ve compiled a list of mobile security mistakes to avoid when managing enterprise mobility.
Valuing Performance Over Security
According to Verizon, 32% of respondents stated that they had forgone security in favor of convenience and business performance. Of that group, 38% percent expressed that they were at a high risk of experiencing a mobile threat. In addition to this, Verizon found that organizations that had sacrificed security were 2.4 times more likely to experience data loss or downtime than those that had made security a bigger priority.
The data shows that almost a third of the organizations surveyed knowingly prioritized mobile performance over security. This decision not only puts these organizations at risk but the data of those who make use of their services as well.
Neglecting to Take Basic Precautions
In their report, Verizon outlined four baseline basic security precautions that organizations should take. These security measures are:
- Changing all default passwords;
- Restricting access on a need-to-know basis;
- Enforcing policies on public Wi-Fi use, which include encrypting the transmission of sensitive data over public networks, and
- Testing security systems regularly.
Though these practices are easily implemented, only 14% of respondents had all four precautions in place. Balancing the need for security with the desire to have top performance is complicated, but in neglecting security, organizations make themselves easy targets for mobile threats. Being unprepared in the event of an attack has dire repercussions.
Lack of Employee Awareness
As the nature of mobile threats develops, educating employees about mobile security practices is paramount. Verizon found that organizations see employees as a significant threat, whether it be because of malicious or negligent acts concerning mobile security. However, 14% of respondents had no form of security training for their employees, implying that they are hoping their employees avoid risk, rather than enforcing preventative measures through education.
As a baseline, Verizon recommends offering routine security training to educate employees on detecting early warning signs of threats, as well as regularly evaluating access to systems and data. Organizations can also improve on these baseline practices by testing employees on their awareness of mobile security and mandating extra training for those who don’t get acceptable scores. This way, businesses can ensure that their employees will be more prepared to guard against threats. Additionally, organizations can formulate an incident response plan, so employees will know what the protocol is in the event of a security incident.
Businesses have a long way to go to adapt to the ever-changing mobile threat landscape. Though maintaining security is a difficult undertaking in the mobile space, having an awareness of possible pitfalls allows organizations to avoid incidents that could have drastic consequences.
Latest posts by Tess Hanna (see all)
- Top 10 Best Books on Mobile Security You Should Read - August 15, 2018
- Top 10 Best Books on Enterprise Mobility Management - August 15, 2018
- DHS Research Shows Overwhelming Vulnerabilities in Smartphones - August 9, 2018