Ensuring Security and Compliance in a BYOD World

When asked to rank several mobile platforms in order of security concerns, Android was consistently mentioned as the top concern. Forty-seven percent of survey-takers placed it first.

Graphic courtesy of CUPP Computing Mobile Security Multinational Decisionmakers Study 2015

July 13, 2015

Art Swift

One Comment

IT security is complicated enough. The widespread adoption of BYOD mobile devices and the overall consumerization of IT promise to complicate security efforts exponentially. Are companies up to the challenge?

According to a recent multinational survey commissioned by CUPP Computing and conducted by Decisive Analytics, many companies are not satisfied with the mobile security they have, particularly in the face of a changing security environment. Some have yet to implement a mobile security environment at all.

Among the study’s findings:

In general, most larger companies reported having a mobile security solution in place, although they had concerns about shortcomings to those products.
By contrast, more than a third of smaller companies (less than 100 employees) had no mobile computing security solution at all.
Fully 68 percent of mobile security decision makers said better mobile security is needed to prevent or mitigate targeted attacks.
Some 66 percent also feel the need to fulfill a compliance requirement – such as HIPAA, EU Data Protection, PCI – with mobile security.
Among larger companies, compliance is a key driver to mobile security purchases. Smaller companies didn’t see this compliance need.

Among the security concerns expressed by IT professionals, 47 percent ranked Android devices as the top mobile security concern, followed by Windows phones (24 percent), then Apple and Blackberry devices.

In open comments, IT professionals cited cost of deployment and government intrusion as additional security concerns.

The survey indicates that IT managers are already aware that a full suite of features are necessary to protect against these novel attacks.

For example, when asked to rank a variety of mobile security features:

84 percent said enterprise-level products such as anti-malware, Web reputation, firewall IPS/IDS were critical.
Some 80 percent also put data protection services such as mobile container, application wrapping and data loss prevention services on the critical list.
79 percent added baseline mobile compliance.

Interestingly, IT security managers acknowledged the importance of mobile security in cloud environments as well.

For instance:

58 percent of decision makers said they want to ensure secure access to corporate data in the cloud
65 percent said want to secure valuable data on employees’ mobile devices
59 percent want to protect the device itself from damaging malware.

Security and IT managers rated the current priority of several security-related items in their enterprises, and preventing or mitigating targeted attacks was ranked the most urgent.
*Information courtesy of CUPP Computing Mobile Security Multinational Decisionmakers Study 2015*
Priority	Percent Rating "Very High" or "Urgent"
Achieve and maintain regulatory compliance	66
Prevent and/or mitigate targeted attacks	68
Secure mobile access to corporate applications in the cloud	58
Prevent corporate data loss from mobile devices	65
Deploy mobile anti-malware software	59

The perception that a mobile security problem exists only in the U.S. is also false. The survey included responses from five countries around the world (U.S., Japan, UK, France and Germany) and found an increase in concern over targeted attacks and data breaches worldwide. The only strong point of variance was in compliance: Japanese respondents generally did not express a need for mobile security compliance reporting.

Overall, with the widespread adoption of the BYOD philosophy, mobile devices are becoming an attractive target for intrusion and sophisticated attackers everywhere. Large companies and small businesses alike are looking for the next level of protection for their sensitive corporate and customer data, for their corporate reputations, and to ensure adequate regulatory compliance.

Companies are clearly interested in a hardware-based solution to protect data on site, in the cloud and on mobile devices themselves.

Art Swift is CEO of CUPP Computing, which provides security solutions for mobile systems, such as tablets, smartphones, remote service devices and the Internet of Things (IoT). CUPP Computing is headquartered in Oslo, Norway, and has operations in Netanya, Israel, and Palo Alto, California.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

Join our subject matter experts as they explore how the right systems can help identify, analyze and report potential incidents and help building owners sustain compliance and create safer spaces.

Security Magazine

2020 September

This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.

View More Create Account

Ensuring Security and Compliance in a BYOD World

Related Articles

Related Products

Report Abusive Comment