Seventy-six percent of respondents to a Lookout survey access corporate data from personal mobile devices and/or public WiFi networks.
“Mobility, SaaS and cloud computing are enabling end users to access corporate data from any device and any location, rendering traditional perimeter security ineffective,” said Santosh Krishnan, Chief Product Officer, Lookout. “So it is not surprising that, in this post-perimeter era, an overwhelming majority of respondents have accessed corporate data from personal mobile devices or through public WiFi networks. This is concerning, as attacks, like phishing, have evolved to take advantage of the fact that existing perimeter protections no longer have visibility into user traffic. Enterprises need to adopt a post-perimeter security architecture to secure access to their corporate data.”
Other survey results include:
- Growing mobile cybersecurity incidents — 1 in 10 RSA attendees report that their organization has experienced a mobile cybersecurity incident or breach in the past 12 months; however, according to the Verizon Mobile Security Index 2019 (MSI), 1 in 3 companies admitted they’d suffered a compromise in which a mobile device played a role. In fact, according to the Verizon report, the number of companies admitting they’d suffered a compromise in which a mobile device played a role went up from 27% in the 2018 report to 33% this time around.
- Increasing mobile security investment — 52 percent of RSA attendees plan to increase their mobile security spend in the next 12 months, underscoring a growing awareness of mobile security risk.
- Mobile security habits — 76 percent of RSA attendees have accessed their corporate network, corporate email or corporate cloud services from a personally-owned mobile device or tablet. Additionally, 76 percent of RSA attendees have accessed their corporate network, corporate email or corporate cloud services from a public WiFi network, such as a coffee shop, airport or hotel. Mixing personal and public environments with corporate data can be a source of significant security risk, and is responsible for the erosion of traditional network perimeter security.
- Focus on securing connections to corporate email, messaging apps and storage — Most commonly, RSA attendees reported using their mobile devices to access corporate email (85%), messaging, such as Slack (53%), and storage services, such as Google Drive or Box (43%).