YOU ARE AT:SoftwareStudy: Lack of visibility for mobile devices, networks boosts enterprise security risks

Study: Lack of visibility for mobile devices, networks boosts enterprise security risks

A “significant lack of visibility into [mobile] devices and networks” puts enterprises at risk, according to a new study.

The research, commissioned by NetMotion Software and conducted by Enterprise Mobility Exchange, found that almost half of mobile workers spend most of their time on non-corporate carrier or public Wi-Fi networks — and more than a quarter of those reported using such networks for more than three-quarters of their time. Most of the companies surveyed lacked the tools to check when devices had connected via unsecured networks, and more than half were “unsure how to even monitor device data traffic and which servers users were connected to beyond their corporate firewalls,” according to Enterprise Mobility Exchange. Some of the security concerns included vulnerability to phishing attacks or data loss, spyware, network spoofing and insecure applications.

“Without visibility into basic details, such as which devices were connected to their network with corporate VPN, enterprises are working in the dark and are more vulnerable to unknown threats,” the study concluded. “It is nearly impossible to measure the potential security incidents without real-time knowledge into how devices are currently being used.”

“Our study showed that it’s impossible to devise effective strategies for mitigating mobile security threats if you don’t know what devices are doing for a large part of the time they’re in use,” said Dorene Rettas, managing director for Enterprise Mobility Exchange. “Moreover, the widespread use of third-party networks creates a blind spot that needs to be addressed in order to make devices truly secure.”

Other findings on enterprise security included:

– Most respondents reported having some type of mobile security policies in place to reduce risks, but about one-third said there was no active enforcement of such policies.

-36% of those surveyed did not provide employees with security training to reduce unsafe user behavior.

-66% of the companies surveyed did not require users to connect through a secure, virtual private network in order to gain access to corporate data.

“As office and field work continue to demand always-on access to applications, it’s in an organization’s best interest to provide employees secure access to a variety of Wi-Fi and carrier networks,” added Christopher Kenessey, CEO and president of NetMotion, in a statement. “But enterprises still have a ways to go to ensure visibility and security over device and user behavior across networks outside the firewall.”

The survey was conducted in the U.S. in July and August of this year, with more than 130 respondents at companies with corporately owned mobile devices.

 

ABOUT AUTHOR

Kelly Hill
Kelly Hill
Kelly reports on network test and measurement, as well as the use of big data and analytics. She first covered the wireless industry for RCR Wireless News in 2005, focusing on carriers and mobile virtual network operators, then took a few years’ hiatus and returned to RCR Wireless News to write about heterogeneous networks and network infrastructure. Kelly is an Ohio native with a masters degree in journalism from the University of California, Berkeley, where she focused on science writing and multimedia. She has written for the San Francisco Chronicle, The Oregonian and The Canton Repository. Follow her on Twitter: @khillrcr