More Bumps Ahead for the Mobile Security Bandwagon

Stephen Nardone
Stephen Nardone

The question isn’t if a growing number of your staff will become “road warriors” (or at least work outside of the office/plant/site). Today’s business requirements demand it. The real question is, how will you provide them – and your organization – with the appropriate tools and security features, with minimal impact on productivity?

Historically, organizations have lagged in implementing security safeguards to counter mobile threats. Unfortunately, the number of mobile workers – and thus the attack surface – is soaring. According to IDC, the U.S. mobile worker population will increase from 96.2 million in 2015 to 105.4 million in 2020, representing nearly three-quarters (72.3%) of the total U.S. workforce.

“Mobility has become synonymous with productivity both inside and outside the workplace, and the mass adoption of mobile technology in the United States has cultivated an environment where workers expect to leverage mobile technology at work,” said Bryan Bassett, Research Analyst, Mobile Enterprise Device Solutions at IDC. Good news for productivity, but what about security?

More than half (54%) of IT leaders say they have implemented a mobile security strategy, which should be alarming, if less so than 2013’s 42%. The reality is that mobile security is a big problem, and it’s getting worse.

According to Gartner, by 2017, 75% of security breaches will be the result of misconfigured apps. Along with physical device loss, misuse of apps is the leading cause of data loss on mobile devices. And the ratio of attacks on mobile devices to desktop attacks is already 3 to 1.

Multiple surveys confirm that organizations are aware of the threats posed by a mobile workforce. Security spending will increase nearly 5% to $75.4 billion this year with mobile computing as one of the drivers, along with cloud, the Internet of Things, and advanced targeted attacks.

Another study reports that worldwide mobile security client revenue hit $1.97 billion in 2014, a 46% increase from 2013. The mobile device security client software market is forecast to reach $3.8 billion by 2019.

Keys to Mobile Security

Organizations should focus on preventing data leakage through physical loss or leaky apps, but there are other steps that can be taken, including:

  • Deploy security policies (e.g. define device pass codes, including length and complexity)
  • Rigidly manage allowed versions of platforms and OSes
  • Restrict the use of unapproved third-party app stores

Mobile security is a growing challenge, but at least it’s one that appears to be getting a higher profile – and budget. As with all things security-related, constant vigilance will make for a much more secure environment, wherever that environment happens to be.

Stephen Nardone

Stephen Nardone, CISSP, is Director of Security Practice at Connection with over 38 years of experience in both the government side and the commercial side of the security business.

© 2019 CONNECTION, INC. ALL RIGHTS RESERVED.