32% of companies sacrifice mobile security to improve business performance

Companies are not equipped to handle the security concerns associated with IoT and BYOD, according to a Verizon report.

Video: How enterprise IT can prepare for Bring Your Own Everything device policies At Mobile World Congress Americas 2017, Gartner researcher Michael Disabato discussed the need for IT to balance user experience with security requirements when it comes to BYOD.
Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • 32% of mobility professionals said their organization sacrifices mobile security to improve business performance. — Verizon, 2018
  • Only 14% of organizations said they had implemented the most basic cybersecurity practices. — Verizon, 2018

Mobile has become a key component of enterprise operations, with apps and Internet of Things (IoT) devices a commonality in many organizations. However, companies are failing to keep up with cybersecurity best practices in this increasingly mobile environment: 32% of organizations admit to sacrificing mobile security to improve business performance, according to Verizon's Mobile Security Index 2018.

The 600 mobility professionals surveyed for the report said that this lack of security vigilance is leading to major consequences: Professionals that said they knew their organization chose performance over security were more than twice as likely to have experienced data loss or downtime at their company (45% versus 19%).

Despite the risks, only 14% of organizations said they had implemented even the most basic cybersecurity practices, the report found. Just 39% said they change all default passwords, while 38% said they use two-factor authentication on their mobile devices. And only 59% restrict which apps employees can download from the internet to their mobile devices.

SEE: Mobile device computing policy (Tech Pro Research)

Of the industries examined in the study, healthcare and the public sector were most likely to experience a security issue. Some 35% of healthcare organizations and 33% of public sector entities said they had suffered data loss or downtime due to a mobile device security incident.

"As mobility becomes more integral to business operations in today's digital economy - from supply chain management to IoT-enabled sensors to customer-facing mobile apps - protecting mobile platforms is critical," Thomas J. Fox, senior vice president with Verizon, said in a press release. "Securing the multitude of mobile devices that connect to public and private networks and platforms is paramount for protecting corporate assets and brand integrity."

The report offered the following recommendations for protecting the mobile enterprise:

1. Reduce the risk of malicious applications. Organizations should implement policies that determine which apps can be downloaded by employees, and even create a custom app store to make the environment more secure. They can also deploy application management software that scans apps for vulnerabilities.

2. Improve device management. Companies must ensure that all default passwords are changed, deploy mobile endpoint security and threat detection to all devices, and implement Mobile Device Management (MDM) and Enterprise Mobility Management (EMM).

3. Increase employee awareness. Organizations should implement a strong password policy and ensure adherence, provide regular security training, and test employee awareness annually. They should also regularly review employee access to systems and data, and create an incident response plan to help reduce damage caused by a security breach.

Also see

istock-813024716.jpg
Image: iStockphoto/Tero Vesalainen