SOURCE: NetEnrich

September 13, 2016 06:00 ET

NetEnrich Survey: Corporate IT Hounded by Mobile Security Concerns

Four Out of 10 Companies Have Suffered a Loss of Key Corporate Data From a Mobile Device

SAN JOSE, CA--(Marketwired - Sep 13, 2016) - NetEnrich announces the results of a survey on enterprise mobile security. One-hundred fifty IT professionals in North America responded to the survey, which ran online in August. The key takeaway was that corporate IT continues to struggle with how best to protect their organizations from data breaches, viruses and other cyber-security issues brought on by employees using mobile devices.

Most would agree, the massive, global proliferation of mobile devices has created significant challenges for corporate IT security professionals. On the one hand, protecting sensitive corporate data running on mobile devices is paramount to company security. Then again, IT can find itself in hot water with employees, customers and management if mobile device security protocols are found to compromise end-user experience. The issue is muddled further when employees use devices and applications IT has not pre-approved. 

Companies must be proactive in engaging employees about mobile security policies. Fifty-four percent of IT pros surveyed by NetEnrich said their biggest challenge when it comes to managing employee use of mobile devices is simply confirming that all employees have received and reviewed their company's policies. But even that might not be enough. Another 55 percent of respondents said their biggest challenge is convincing employees that following the company's mobile device protocols is in their best interests.

Corporate IT has been clear that its main priority is ensuring their organizations don't experience breaches or attacks -- 68 percent of respondents to NetEnrich's survey listed this as the top goal of their enterprise mobility security plan. Job security is also a priority. Sixty percent said their primary goal was ensuring that they were "covered from an accountability perspective" in the event there was a breach or attack. By comparison, 50 percent said their top goal was providing employees a guide for using mobile devices.

There's more corporate IT can do to prevent potential issues, including better communication about policies to employees (46 percent said this approach might help prevent breaches and attacks). Corporate IT also feels that employees should shoulder more responsibility. Forty-eight percent of NetEnrich survey respondents are advocating stricter penalties for employees if and when their mobile devices are breached. Sixty-two percent said there should be stricter policies about which devices and apps can be used.

Priorities and policies aside, breaches and attacks are a fact of life for enterprises. Forty-two percent of IT pros surveyed by NetEnrich said their organizations suffered the loss of key corporate data from a mobile device. The biggest causes: malware apps (45 percent); public cloud insufficiently secure (44 percent); users cutting and pasting data to unsecured or public locations (42 percent); mobile devices running older versions of operating systems that are known to have security holes (41 percent); and Advanced Persistent Threats lurking on mobile devices (or servers) for a long time (40 percent).

Other key findings from NetEnrich's 2016 Enterprise Mobile Security Survey:

  • 41 percent of NetEnrich survey respondents have lost $50,000-$100,000 over the past three years due to a mobile device security breach or attack
  • 52 percent have outsourced some aspect of their mobile security plan or management; 47 percent said the external provider helped them formulate a security policy, and 63 percent said the provider helped them implement the policy
  • 75 percent have deployed a threat assessment solution to understand their security risks; 40 percent scan mobile devices using malware scanning solutions; 38 percent use audit and automated compliance solutions to ensure mobile devices are not "jailbroken"; 33 percent do regular audits of employee mobile devices to ensure they are not running devices with out of date operating systems
  • 73 percent of organizations have enabled single sign-on for enterprise and cloud apps; 78 percent use multi-factor authentication for access to sensitive apps; 67 percent have migrated on-premises apps to the cloud; 72 percent use Active Directory; 82 percent use Active Directory to support hybrid identification for user access to applications running in the cloud

"Enterprise mobile security concerns, breaches and attacks aren't new, but that doesn't mean corporate IT is better equipped to handle these issues today than they were a few years ago," says Raju Chekuri, president and CEO of NetEnrich. "The reality is, enterprise mobile security is a moving target, for which companies and IT professionals must be adjusting constantly. A policy that works today may not work next year -- let alone two to three years from now. The best approach is for IT to work with partners and vendors who develop modern mobile security solutions and best practices, and who understand both the corporate security and employee user-experience demands of the organization."

Among IT professionals surveyed by NetEnrich, 42 percent said they were at companies with 100-999 employees; 25 percent work at companies with 1,000-10,000 employees. Thirty-one percent of respondents said employees at their company use 500-999 devices total; 37 percent said their employees use a total of 1,000 mobile devices or more. Forty percent of respondents said their employees use Android devices most; 33 percent said Microsoft/Windows devices and 28 percent said devices running iOS, Apple's system.

About NetEnrich
NetEnrich enables its global partners to build, operate and scale their cloud and managed services business by providing white-labeled and white-glove assessment, migration and 24/7 management services. With a network of 100+ partners worldwide that includes managed service providers and cloud solution providers for technologies such as data center, Microsoft Azure, EMS, and cyber security, NetEnrich enables quick launch and scalability of their business & technology practices with minimal investments, and at the same time reduce time to market and minimize execution risk while driving IT consumption. Partners retain complete control of their clients. NetEnrich is headquartered in San Jose, California, with delivery centers spread across the globe. More info at www.netenrich.com

Contact Information