Mobile data breaches are real – but the news headlines probably won’t tell you that

Colleagues frequently ask me, “have you seen the news about the latest data breach?” The next question is usually about the details – what was lost, who was impacted, how did it happen, etc. The source of the breach is always of interest as well, but the large breaches don’t typically mention mobile vulnerabilities. So, does that mean attacks on mobile devices are not happening? On the contrary, according to the Verizon Mobile Security Index 2019 that was just released, 69% of respondents said the risks associated with mobile devices have grown in the past year.

Of the over 600 survey respondents:

Mobile security risks have gone up and continue to grow. And, the reliance on mobile devices and increased access to corporate resources continue to grow as well. While this might not be news to you, it was news to one of our customers —a global manufacturer that was surprised when we shared with them that their threat posture included vulnerable OS distribution and critical threats. It showed that 69% of their mobile devices were unpatched and 22% had an active threat within the last 12 months. The good news is that they took action and prepared themselves with MobileIron Threat Defense technology. They now have greater visibility into attempts on their mobile devices and can automatically take action to remediate threats.

What are the risks?

Is your team prepared? Do they know the risks to mobile devices and their potential impact to your business? If you answered, no – you are not alone as respondents to the Verizon study said their organization lacks sufficient understanding of mobile threats and the skills to tackle them. The top risks include user behavior threats such as phishing attempts, and device, network, and app attacks, as well as malicious configuration profiles.

Are businesses prepared?

About 67% of organizations in the Verizon Mobile Security Index responded that they are less confident about the security of their mobile assets than other devices. And yet their attitude about protecting mobile devices is more relaxed than it is about defending servers and personal computers. Verizon also notes that organizations are taking a gamble and exposing themselves to downtime, loss of critical business data, fines, and even damage to their reputation.

Other organizations are relying on employees rather than deploying technology to automate and enforce security policies. Deploying technologies, such as unified endpoint management (UEM) and mobile threat defense, can help block dangerous behavior better than a user. For example, with MobileIron Threat Defense, the threat protection is built into UEM as a single app that provides automatic security, so organizations automatically get 100% user adoption.

Next Steps

Don’t let bad actors (or the news) keep you up at night. Follow these steps to advance to the next level of mobile security so you’re prepared.

  1. Educate yourself and your organization on the importance of mobile threats. Download our eBook to learn about the top mobile threat attacks and how to protect your data.
  2. Improve visibility of your mobile landscape with a solution that offers forensics data.
  3. Choose a solution that’s always-on, provides continuous threat detection with remediation, and that doesn’t require an internet connection. Read our threat report to learn more.
  4. Manage mobile threats with your existing cyber security practice by aggregating the data via SIEM and correlating it together for visibility across your entire security posture.