Data loss from lost, stolen or decommissioned devices and mobile malware have come out tops in a mobile security survey that was recently concluded by the Cloud Security Alliance (CSA).
Conducted by the CSA’s mobile working group, the survey involving over 200 enterprise respondents from 26 countries serves as an important step in a larger effort to guide enterprises on what to focus on to address mobile security threats.
John Yeoh, research analyst at CSA, said: “Personally owned mobile devices are increasingly being used to access employers’ systems and cloud-hosted data, both via browser-based and native mobile applications. This without a doubt is a tremendous concern for enterprises worldwide”.
“The results of this research will play an important role as we set out to develop much needed guidance on where time, talent and money should be placed when it comes to addressing mobile security threats,” he added.
Patrick Harding, chief technology officer of Ping Identity, a cloud identity security firm, noted that the results of the CSA survey are testament to the security threats that mobile devices introduce to corporate networks.
“With more and more enterprises adopting a BYOD model, it is critical that mobile devices adhere to the same corporate security policies as other devices and that proper identity and access management processes are put in place to ensure the security and integrity of the organisation.”
Besides highlighting the top mobile security threats, 64 percent of respondents believe that NFC and proximity-based hacking will happen as early as next year. In addition, 81 percent of respondents believe that insecure Wi-Fi and rogue access points are already happening today.
“This is of particular concern as the proliferation of mobile devices consequently increases the use of and reliance on Wi-Fi networks,” CSA said in a statement last week.
Dan Hubbard, CTO of OpenDNS, an Internet security company, added that as “we move further into an era where mobile computing is ubiquitous, we’re seeing an entirely new threat landscape that involves newer concerns like lost devices and rogue marketplaces, but also a heightened level of concern over insecure public Wi-Fi as we rely more and more on access as we travel.”
Top Mobile Threats
1. Data loss from lost, stolen or decommissioned devices
2. Information-stealing mobile malware
3. Data loss and data leakage through poorly written third-party applications
4. Vulnerabilities within devices, OS, design and third-party applications.
5. Insecure WiFi, network access and rogue access points
6. Insecure or rogue marketplaces
7. Insufficient management tools, capabilities and access to APIs (includes personas)
8. NFC and proximity-based hacking