Mobile devices aren’t the biggest security threat to enterprises

enterprise mobile choose your own device CSC Blogs

There’s a new Check Point Software security report which concludes that “mobile devices are a company’s biggest vulnerability.”

“Mobile devices are the weak links in the security chain, providing easier direct access to more valuable organizational assets than any other intrusion point,” Check Point says in a statement announcing its 2015 security report, which is based on analysis of more than 300,000 hours of monitored network traffic and 1 million smartphones.

Indeed, the metrics Check Point lays out to make its case seem compelling:

  • In an organization with more than 2,000 devices on its network, there’s a 50% chance that at least six connected mobile devices are infected or targeted.
  • 42% of businesses in 2014 suffered mobile security incidents costing more than $250,000 to remediate.
  • 44% of enterprises don’t manage organization data on employee-owned devices.

Despite Check Point’s assertion that mobile devices top the list of enterprise vulnerabilities, the software vendor’s own survey shows that IT professionals can identify the No. 1 security weak point:

  • 87% of IT pros say careless employees are a greater threat to security than cybercriminals.
  • 92% say employee behaviors could have made a difference in preventing high-profile security breaches

The real security problem is those darned humans, as any IT worker in the history of IT would tell you. Employees lose devices, they fail to use basic security functions such as passwords, remote lock and remote wipe, they won’t use encryption, they will use unsecured public Wi-Fi, and they download apps from sketchy websites that are fetid repositories of malware. Oh, and some of them are suckers for social engineering.

So yes, mobile technology brings with it a number of security challenges, some of which can be effectively managed if IT deploys the right tools (and given that more than half of Check Point’s survey respondents say they aren’t actively managing enterprise data on BYOD devices, there’s plenty of room for improvement on that front).

But the best defense against mobile vulnerabilities is an educated and aware workforce. Getting to that point is a frustrating and endless process, but it’s better than the alternative.

How much of your enterprise’s mobile workers are security-savvy?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: