As Enterprise Mobility Usage Escalates, So Does Security Risk

Similar documents
CHANGING FACE OF MOBILITY RAISES THE STAKES FOR ENDPOINT DATA PROTECTION

Security Solutions for Mobile Users in the Workplace

- Samsung Tablet Photo - Tablets Mean Business. Survey of IT pros reflects growing trend toward tablets for workforce mobility and more

Good Technology State of BYOD Report

Why Enterprises Need to Optimize Their Data Centers

BYOD Risks, Challenges and Solutions. The primary challenges companies face when it comes to BYOD and how these challenges can be handled

Trustlook Insights Q BYOD Trends & Practices

2016 Survey: A Pulse on Mobility in Healthcare

MOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

Auditing Bring Your Own Devices (BYOD) Risks. Shannon Buckley

INDIA The Changing Face of the Workplace: Going Light and Mobile

HyTrust government cloud adoption survey

A HOLISTIC APPROACH TO IDENTITY AND AUTHENTICATION. Establish Create Use Manage

SDN HAS ARRIVED, BUT NEEDS COMPLEMENTARY MANAGEMENT TOOLS

A Guide to Closing All Potential VDI Security Gaps

Dissecting NIST Digital Identity Guidelines

General Data Protection Regulation (GDPR) and the Implications for IT Service Management

BELTUG Market Trends Survey Results V-ICT-OR members - August 2015

Make security part of your client systems refresh

CLOSING IN FEDERAL ENDPOINT SECURITY

SDN-Based Open Networking Building Momentum Among IT Decision Makers

THE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:

Mobile Security Trends in the Workplace

Purchase Intentions Spring 2013 EMEA

Tripwire State of Container Security Report

MaaS360 Secure Productivity Suite

Securing Health Data in a BYOD World

State of Cloud Survey GERMANY FINDINGS

Insider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey

KNOWLEDGE GAPS: AI AND MACHINE LEARNING IN CYBERSECURITY. Perspectives from U.S. and Japanese IT Professionals

ENTERPRISE MOBILITY TRENDS

Securing Wireless Mobile Devices. Lamaris Davis. East Carolina University 11/15/2013

Building a Threat Intelligence Program

ips.insight.com/healthcare Identifying mobile security challenges in healthcare

The State of the Trust Gap in 2015

ALCATEL-LUCENT OPENTOUCH PERSONAL CLOUD A Revolution in Communications Applications for Enterprise End Users

Sales Presentation Case 2018 Dell EMC

Evolution of IT in the Finance Industry. Europe

ENABLING SECURE CLOUD CONNECTIVITY. Create a Successful Cloud Strategy with Reliable Connectivity Solutions

Modern Database Architectures Demand Modern Data Security Measures

CICS insights from IT professionals revealed

2013 Cloud Computing Outlook: Private Cloud Expected to Grow at Twice the Rate of Public Cloud

The Connected Worker and the Enterprise of Things

Unlocking Office 365 without a password. How to Secure Access to Your Business Information in the Cloud without needing to remember another password.

THE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:

TRUSTED MOBILITY INDEX

2014 IT Priorities Mark Schlack Sr. VP, Editorial

How to Enable and Secure in the Next Stage of BYOD: Reap the Benefits of Bring Your Own Laptop

Text Messaging Helps Your Small Business Perform Big

Cisco Start. IT solutions designed to propel your business

THE CYBERSECURITY LITERACY CONFIDENCE GAP

Taming the Mobile File Sharing Beast

The data quality trends report

2014 NETWORK SECURITY & CYBER RISK MANAGEMENT: THE THIRD ANNUAL SURVEY OF ENTERPRISE-WIDE CYBER RISK MANAGEMENT PRACTICES IN EUROPE

Security in India: Enabling a New Connected Era

The 2013 Digital Dilemma Report: Mobility, Security, Productivity Can We Have It All?

Say Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER

Machine-Powered Learning for People-Centered Security

3-Part Guide to Developing a BYOD Strategy

Best Practices for PCI DSS Version 3.2 Network Security Compliance

RIS News Custom Research

Virtualizing Networks:

Fundamental Shift: A LOOK INSIDE THE RISING ROLE OF IT IN PHYSICAL ACCESS CONTROL

270 Total Nodes. 15 Nodes Down 2018 CONTAINER ADOPTION SURVEY. Clusters Running. AWS: us-east-1a 23 nodes. AWS: us-west-1a 62 nodes

eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments

Securing Today s Mobile Workforce

Single Secure Credential to Access Facilities and IT Resources

Multi-Factor Authentication

BYOD Success Kit. Table of Contents. Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips

The Device Has Left the Building

Spotlight Report. Information Security. Presented by. Group Partner

The future of UC&C on mobile

TESTING TRENDS IN 2015: A SURVEY OF SOFTWARE PROFESSIONALS

Real estate predictions 2017 What changes lie ahead?

Application Delivery Strategies for Today s Increasingly Mobile Workforce

A Mobile Security Checklist: The Top Ten Threats to Your Enterprise Today. White Paper

TechValidate Survey Report: SaaS Application Trends and Challenges

Enterprise Mobility Management Buyers Guide

Transformation Through Innovation

Enterprise Mobility Management

The Mobile Risk Management Company. Overview of Fixmo and Mobile Risk Management (MRM) Solutions

Data Protection. Plugging the gap. Gary Comiskey 26 February 2010

Securing Your Cloud Introduction Presentation

ENDPOINT SECURITY WHITE PAPER. Endpoint Security and the Case For Automated Sandboxing

DaaS Market Report Workspace Services and Desktops-as-a-Service Global Market Trends: The Service Provider Perspective

Securing Institutional Data in a Mobile World

THREE-PART GUIDE TO DEVELOPING A BYOD STRATEGY WHITE PAPER FEBRUARY 2017

Solid State Storage: Trends, Pricing Concerns, and Predictions for the Future

2016 Survey MANAGING APPLE DEVICES IN HIGHER EDUCATION

MOVING MISSION IT SERVICES TO THE CLOUD

IT TRENDS REPORT 2016:

Rethink Enterprise Endpoint Security In The Cloud Computing Era

State of SMB IT 1H 2012

How to Evaluate a Next Generation Mobile Platform

Managing BYOD Networks

WHITE PAPER. The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help

DIGITAL TRANSFORMATION IN FINANCIAL SERVICES

Securing BYOD With Network Access Control, a Case Study

THREE COLOCATION MYTHS HEALTHCARE PROVIDERS SHOULD LEAVE BEHIND. Exploring Security, Compliance, and Performance in Healthcare IT

Transcription:

YOUR SECURITY. CONNECTED WHITE PAPER As Enterprise Mobility Usage Escalates, So Does Security Risk Even as more organizations embrace the use of mobile devices by employees and customers to access services and applications, a new survey indicates that IT professionals are wrestling with heightened security risks and are looking for help. The debate is over: Use of mobile devices such as notebooks, tablets and smartphones is trending up way up in enterprises of nearly all sizes and in all industries. Research indicates that 62% of U.S. employees use a smartphone to access company applications and services, 1 and 54% of respondents to another study indicated they are increasing application development for mobile devices. 2 Global tablet use for business workloads also is on the rise; nearly 20% of worldwide tablet purchases will be made directly by enterprises by 2017. 3 But there s a dark side to that increased reliance on mobile devices throughout the physical and virtual enterprise: much higher vulnerability to data breaches, malware and compliance violations. IT organizations and their users understand that stark reality. For instance, 90% of U.S. federal government employees are using mobile devices in the workplace, but just 11% of those employees are adhering to mobile security best practices. 4 That disconnect isn t limited to the public sector: In industries such as retail, health care, financial services and many others, IT organizations are straining to provide a more flexible and satisfying experience for employees and customers by supporting mobile devices, while still ensuring a safe, secure and compliant environment. A new study, based on responses by 140 IT professionals that are registered members of TechTarget Web communities, sheds valuable light on this challenge, and offers insights into some of the steps organizations are taking to tame the mobile security beast. Some of the key takeaways: Nearly 90% of respondents said their organizations support a bring-your-own-device (BYOD) policy, but barely half of them say it s an official program. While use of cloud-based services is widespread among respondents end users, fewer than half of them said they officially support those services. Seven in 10 respondents said the increased use of mobile devices by employees and customers has significantly or moderately raised their organization s risk profile. Virtually every single respondent said providing an enhanced user experience through mobile device usage has had a negative impact on security and compliance. Single-sign-on is widely used as a way to protect data and is seen as worth the money and effort required to deploy it; two-factor authentication, however, is not yet broadly adopted. 1 Companies, Vendors Take Aim at Mobilizing Business Workflows, 451 Research, August 2014 2 US Mobile Applications and Cloud Survey, 451 Research, June 2014 3 Global Business and Consumer Tablet Forecast 2013-2017, Forrester Research, August 2013 4 2014 Mobilometer Tracker: Mobility, Secure and the Pressure in Between, Mobile Work Exchange, January 2014

Malware, lost/stolen devices, accessing inappropriate content and social media are the biggest concerns respondents said they have about the increased use of mobile devices in the workplace. State of mobility in the enterprise BYOD is no longer an industry trend; it s a fact of life for enterprise-wide operations and the IT organizations that must support them. According to the study, the overwhelming majority 87% of respondents indicate that their organization has some kind of BYOD policy. However, it s enlightening to note that in only a slim majority of cases 54% are those BYOD policies actually formalized. The rest appear to be an ad-hoc mix of user-driven practices and some loose collaboration between users and IT. What is your organization s approach to BYOD? 14% 19% 54% Formal policy driven by IT Informal policy driven equally by IT and users Informal policy driven by users Do not allow BYOD As a result of this widespread BYOD presence throughout the organization, it s not surprising to see that employees are frequently using multiple mobile devices (such as notebooks, tablets and smartphones) for work requirements. Nearly 60% of respondents said employees are often using multiple mobile devices in their jobs, and another 21% said employees are using multiple devices at least on occasion. How extensively do employees use multiple mobile devices for work? 11% 8% Often 21% Occasionally 60% Rarely/never Unsure 2

It s also interesting to note that customers also are frequently using mobile devices to access services of respondents organizations. According to the survey results, 68% of respondents said customers are using mobile devices either extensively or moderately to access services, and another 19% are using mobile devices for access to services at least on occasion. For IT organizations, supporting a growing mix of mobile devices both for employees and customers adds to the complexity of their job. One big reason why is the diversity of mobile operating systems that are being used by employees and customers. Apple s ios, Google s Android, Microsoft s Windows Phone and BlackBerry are heavily in the mix of mobile operating systems supported by IT organizations. Even mobile operating systems with relatively small market shares such as Firefox and Ubuntu are among those that respondents said they have to support. On average, respondents said they are supporting about three different mobile operating systems. Which Mobile OS does your IT organization support for users? ios 80% Andriod 77% Windows Phone 48% Blackberry 40% Firefox Ubuntu 8% Other 10% 0% 10% 20% 30% 40% 50% 60% 70% 80% Another challenge for IT organizations is employees use of cloud-based services and offices for work requirements. Office365, DropBox, Google Drive and Amazon Web Services are just a few of the increasingly popular portfolio of subscription-based cloud services employees are using, and it increasingly falls to IT professionals to determine how or if to support users in those cases. According to the survey respondents, IT organizations generally do not provide official support for cloud-based services for access to company data or services. One in five respondents said their organizations specifically disallows or at least discourages employees from using those services. It s also worth noting that of respondents said they do not know if their users are accessing company data via cloud services; that lack of visibility certainly can prove problematic for IT departments. 3

Does your IT department support use of cloud-based services and apps? Yes, officially 21% Yes, but unofficially 20% 46% No Unsure How mobility impacts the threat profile One question all organizations and especially IT professionals and those charged with IT security wrestle with is evaluating the cost-benefit analysis of increased enterprise mobility. Specifically: Does allowing mobile device usage by employees and customers come with added security risks? Is the benefit in providing an enhanced user experience for employees and customers in supporting mobile device usage worth the potentially enhanced risk profile? According to survey respondents, the answers are yes and yes, but. Respondents answered strongly that allowing employee and customer use of mobile devices has significantly raised their organizations risk profile for security breaches, data loss and/or compliance problems. In fact, more than a quarter of respondents said that trend has significantly increased their risk profile. How has increased mobility affected your risk profile for security breaches, data loss and compliance? 24% 6% 1% Significantly increased 27% Moderately increased Kept risk profile about the same 42% Moderately reduced Significantly reduced 4

When asked about weighing the benefits of a superior user experience with mobility solutions against the challenges they face in ensuring security and compliance, virtually every single respondent agreed that supporting mobility solutions represented at least a moderate negative impact on their ability to ensure security and compliance. However nearly three in four respondents said that, while creating the positive user experience can have some impact on security and compliance, they feel they can usually work around it. How has creating a superior user experience with mobility impacted your ability to ensure security and compliance? 1% 28% Major negative impact 71% Moderate negative impact but we can usually work around it No negative impact What organizations are doing about it Two-factor authentication, single-sign-on and audit-trail software are three ways IT organizations may try to shore up their potential security vulnerabilities associated with increased use of mobile devices. Some key takeaways from respondents on each of those solutions: Two-factor authentication is used in most respondents organizations for mobile device security, but it does not appear to be an enterprise-wide solution. ùù ùù 35% of respondents said it was a company-wide requirement for employees devices, but another 31% said it was used only for certain applications or levels of employee access. A higher percentage of respondents 44% said they require their customers to use two-factor authentication for accessing services from their mobile devices. Protecting data with single-sign-on capability is definitely worth the cost and effort associated with deploying and managing that functionality. ùù 35% of respondents said it was absolutely worth it, while another 37% said it was usually worth it. Two thirds (66%) of respondents said it is important for their organizations to use audit-trail software or services to track employees access to online or cloud applications. What keeps IT professionals up at night when it comes to how increased use of mobile devices impacts security and compliance? Respondents put user-based malware, lost/stolen devices, accessing inappropriate content and social media as their biggest areas of concern. 5

Which issues give you significant concern about security and compliance with the increased use of mobile devices? Malware on user devices 67% Lost/stolen devices 61% Accessing inappropriate content 41% Social media 40% Insufficient authentication/encryption Lack of best practices for mobile usage 37% 35% Accessing cloud-based apps/services Lack of in-house expertise for MDM 28% 26% 0% 10% 20% 30% 40% 50% 60% 70% Finally, it s clear that respondents are looking for new ways to further secure their organizations data, content and infrastructure against potential security and compliance threats in the face of pervasive enterprise mobility. Technologies such as two-factor authentication, single-sign-on and audit trail software certainly are part of the solution, but respondents readily acknowledge they need to be more aware of all options available to them. In fact, most respondents agreed with a hypothetical statement that they don t fully understand the entire range of options available to them to secure mobile devices without impacting the user experience. Our organization realizes that allowing employee/customer use of mobile devices adds security risk, but we don t fully understand the full range of options available to secure those devices without impacting the user experience. 7% Strongly agree 24% 22% Agree Neither agree/disagree 34% Disagree Strongly disagree 6

Conclusion Mobility may be a fact of life in just about all enterprises, but that doesn t mean IT organizations aren t concerned about its impact on security and compliance. In fact, while acknowledging that their organizations increasingly support mobility in a wide variety of ways, survey respondents are clearly concerned that their risk profiles have been made more vulnerable and that they need to do more to alleviate their concerns. 2015 HID Global Corporation/ASSA ABLOY AB. All rights reserved. HID, HID Global, the HID Blue Brick logo, the Chain Design are trademarks or registered trademarks of HID Global or its licensor(s)/supplier(s) in the US and other countries and may not be used without permission. All other trademarks, service marks, and product or service names are trademarks or registered trademarks of their respective owners. 2015-05-08-hid-ent-mob-sec-risks-wp-en PLT-02435 TechTarget 2015 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback