Weak Links: More Than 50% of Enterprises Have Out-of-Compliance Mobile Devices
MOUNTAIN VIEW, Calif., Feb. 23, 2016 /PRNewswire/ -- MobileIron Inc. (NASDAQ: MOBL), the leader in mobile enterprise security, today introduced its new research division MobileIron Security Labs (MISL) and MISL's first publication: the Q4 2015 Mobile Security and Risk Review. The Q4 2015 Mobile Security and Risk Review discusses a distinct set of threats and risks, including compliance failures, compromised devices, and data loss risks, not covered in other security reports. The Mobile Security and Risk Review concludes with recommendations for fortifying mobile enterprise deployments.
Download the report: https://www.mobileiron.com/q4-mobile-security-review
Register for the webinar on Tuesday, March 15 at 10 AM PT: https://www.mobileiron.com/en/resources/webinars/mobileiron-q4-mobile-security-and-risk-review
"Mobile threats, both internal and external, are on the rise and the enterprise security chain is only as strong as its weakest link," said Michael Raggo, Director, MobileIron Security Labs. "A single, compromised device can introduce malware into the corporate network or enable the theft of sensitive corporate data that resides behind the firewall."
More than 50% of enterprises have at least one non-compliant device
A mobile device can be non-compliant for a variety of reasons, such as a user disabling personal identification number (PIN) protection, losing a device, lacking up-to-date policies, etc. Non-compliant devices create a broader attack surface for malware, exploits, and data theft.
"The real risk is that enterprises will underestimate the seriousness of the problem," Raggo continued. "A single compromised device that goes undetected constitutes a breach. Whether a company loses millions of records or just one record it's still a breach. For all companies, but particularly ones in highly regulated industries, this is a huge problem."
Compromised devices increased 42%
A jailbroken or rooted device is considered compromised and the incidence of compromised devices increased significantly over the quarter. In Q4, one in 10 enterprises had at least one compromised device. Interestingly, during the quarter the number of enterprises with compromised devices increased 42%. At the same time, malicious attackers are employing various tools to make it harder to identify compromised devices. MISL has found variants of jailbreaking tools as well as anti-detection tools that hide the fact that a device is jailbroken and thus create a false sense of security if undetected.
Other research highlights include:
- Less than 10% of enterprises are enforcing patching which leaves the device vulnerable to data loss.
- 22% of enterprises had users who had removed the PIN which eliminates the first line of defense.
- More than 95% of enterprises have no protection against mobile malware.
To download the Q4 2015 Mobile Security and Risk Review, including the list of the top disallowed mobile apps, please visit: https://www.mobileiron.com/q4-mobile-security-review.
The Q4 2015 Mobile Security and Risk Review is based on aggregated, anonymous usage data shared by customers that was compiled from October 1, 2015 through December 31, 2015.
MobileIron provides the secure foundation for companies around the world to transform into Mobile First organizations. For more information, please visit www.mobileiron.com.