Mobile Devices Now the Largest Threat to Enterprise Security

A recent Check Point Software survey determined that enterprise network vulnerabilities often result from the ease in which company employees can now connect their mobile devices to insecure wireless networks. The study suggests that the threat level increases with larger organizations. For example, companies that use 2,000 or more devices experience a 50 percent chance that at least six devices have become infected with malware (something to consider since 82 percent of companies now have a BYOD plan in place).

mobile2With the growing acceptance of BYOD (bring your own device) programs, security has become more challenging for many IT departments.

“Mobility, virtualization and other technologies have changed the way we do business,” notes the report’s press release. “While organizations have adopted these tools to enhance productivity, they often forget about the security implications that arise when they lack the proper security implementations.”

Among Check Point’s key findings:

  • Known and Unknown Malware Increased Exponentially (106 unknown malware hit an organization every hour: 48 times more than the 2.2 downloads per hour reported in 2013).
  • Mobile Devices are a Company’s Biggest Vulnerability (72 percent of IT providers agreed that their top mobile security challenge is securing corporate information, and 67 percent said their second biggest challenge is managing personal devices storing both corporate and personal data).
  • Using Risky Applications Comes at a High Price (96 percent of organizations studied used at least one high-risk application in 2014, a 10 point increase from the previous year).
  • Data Loss is Top of Mind (81 percent of the organizations analyzed suffered a data loss incident, up 41 percent from 2013).

“The other risk that mobile devices create is that they could get infected when off the network and then spread that malware around when it reattaches to the business network,” explains Network World.

“Typically, user connections don’t need to connect by going through a next-generation firewall or an IPS system, so the only way to understand if the device is causing harm is to look at the flow information going to and from the device and quarantine it on anything anomalous.”