According to a report by CompTia, 28% of businesses view security as a significantly higher priority today compared to two years ago, and an even greater percentage of businesses expect the importance of security to rise in the next two years. The study also revealed that while many companies assumed a satisfactory level of security, they did not fully comprehend their exposure to potential security threats. The rise in security threats is largely due to emerging technologies, causing businesses to take a new approach to security. End users now have access to powerful devices and business class systems, often without the oversight of an IT team. Therefore, investing in mobile security is one the smartest things your small to medium sized business can do to protect your organization.
The Human Element to BYOD
According to the study, the factors in security breaches fall 45% to technology error and 55% to human error. With the BYOD (Bring Your Own Device) trend, more and more employees are bringing their own mobile devices to work, and end users typically do not have the background knowledge of security that allows them to recognize potential threats. The desire for productivity and flexibility is driving many businesses to adopt a “use first, secure later” attitude when it comes to mobile security, but this approach puts your business in danger.
Most Common Mobile Security Incidents
Mobility forces businesses to consider data leaving the company in the hands of its employees. The top three reasons for mobile security incidents include: lost/stolen devices, mobile malware, and employees disabling security features. Mobile malware is quickly becoming a growing concern, up 19% from 2012. Since there is a much stronger personal connection to mobile devices, employees are apt to want to use their device however they want to. And, since mobile devices are more closed than laptops, IT departments are not able to place the same safeguards on smartphones and tablets as they are on many other devices.
How to Develop a Mobile Security Plan
The biggest goal with mobile security becomes one of education rather than technical improvement. Companies are quickly realizing that their mobile device security education must be interactive, ongoing, and measurable in order to raise awareness about mobile security. Organizations that have made mobile security education a priority indicate that appropriate and effective training has provided a “relatively high value” or “very high value.” In addition to educating your employees, it’s important to encrypt data on mobile devices, keep OS and apps up to date, and prevent jailbreaking on smartphones. Also make sure that your employees keep passcodes on their devices; while this measure has limited security potential, it at least provides some protection against amateur attackers. If your organization needs guidance learning more about mobile security, contact your trusted IT advisor today.