Mobile devices are one of the weakest links in corporate security. Executives are wrestling with managing a proliferation of devices, protecting data, securing networks, and training employees to take security seriously. In our Tech Pro Research survey of chief information officers, technology executives, and IT employees, 45% of respondents saw mobile devices as the weak spot in their company’s defences. (Employee data was cited by 37%, followed by wireless access of networks at 34% and bring-your-own-device efforts at 29%.)
Meanwhile, the potential for mobile attacks continues to expand. In July comScore reported that half of all digital time was spent on smartphone apps, and 68% percent of time was spent on a mobile device. If mobile security isn’t a problem for your company yet, it will be.
Consider the following recent events:
- A flaw called “Quadrooter” left more than 900 million Android devices vulnerable to attacks. The code was published online. Google has since patched Android.
- Pokémon Go became a global phenomenon, but people in regions without the game downloaded it from unauthorized marketplaces, exposing their devices to malicious attacks.
- Researchers at Binghamton University found that wearable devices and smartwatches can give away PINs and passwords through an algorithm that has 80% accuracy on the first try and 90% after three attempts.
Securing mobile devices is tricky. Android is a fragmented mobile operating system. Security researchers are anticipating more attacks on Apple’s iOS. Employees lose their devices and can be lax with security compliance. Toss in people bringing their own unsupported devices to work and you can see why security executives are stressed.
Copyright: hbr.org https://hbr.org/2016/09/your-biggest-cybersecurity-weakness-is-your-phone