Mobile Devices Pose an Increasing Threat to Enterprise Security
This is Part 3 of a 3-part series examining the biggest threats to endpoint security today, all of which can be conversations to have with your customers.
We live in a world in which employees use their mobile devices at work and that’s not going to change anytime soon.
For many companies, it presents a Catch-22 situation: employees tend to be more productive and efficient if they can access work email and data on their phones, but they also tend to make businesses more vulnerable to a hack or breach.
For solution providers, it presents tremendous opportunity to help customers strike a balance between productivity and security. For as long as mobile endpoints touch the network, bad guys will target those devices.
Mobile Malware on the Rise
Mobile devices such as smartphones have seen the greatest rise in potential IT security risk in the IT environment, according to the Ponemon Institute’s 2016 State of the Endpoint report.
For one, the number of insecure mobile devices used in the workplace has increased significantly, from 33% two years ago to 50% this year, according to the report. Meanwhile, 80% of respondents believe their mobile endpoints have been the target of malware over the last 12 months.
It’s a big concern for CISOs and IT executives, but also for application and device manufacturers too. For example, Apple recently announced a “bug bounty” program for identifying exploits and vulnerabilities.
Statistics around mobile security threats are as plentiful as they are scary:
- Less than 5% of enterprises use mobile threat detection software
- 8% of companies require employees to upgrade to the latest mobile OS
- Unique mobile malware samples have increased 72%
- Volume of malware tripled in 2015, compared to previous year
- 10 million users infected by one strain of malware on Android
Continue the Conversation
Because neither mobile malware nor mobile devices in the workplace are going away, solution providers need to present the best security solution possible for their customers. Likely, that means a different conversation for each company because each business has its own individual challenges.
For some, it might mean helping to develop a mobile security plan for employees to follow. Others may need help on the technology side, implementing the right solutions to protect their information.
In either case, the conversation needs to be continuous and organic. There’s no end result when deploying a security solution. You need to continue to be vigilant, updating and adapting as threats mature and as the business grows.
Use current news topics—such as the Pokemon Go phenomenon—to help keep customers and their employees aware of how pervasive threats are. A recent study by Blackberry found that while 73% of companies have a mobile security strategy, only 3% say it’s the highest level possible. So there’s a lot of work to do.
In many cases, it’s not the executive you have to convince mobile security is important—it’s the employees themselves. More than 80% of executives said mobile security policies are frustrating workers, who believe the policies may hinder their productivity, according to the Blackberry report.
Any enterprise mobility discussion needs to be holistic—include not only the latest security offerings, but management and reporting of those solutions, professional services to help customers develop security policies, and training to ensure their employees understand and adhere to those policies.
Despite its name, there’s really no end point to endpoint security. Updates take place, malware gets more sophisticated and vulnerabilities are found. Your job as a trusted business and IT provider is to give customers the tools and the confidence to do their job without worry.
The Three Biggest Threats to Endpoint Security in Your Organization Today Blog Series: