Businesses Lack Protection Against Mobile Data Breaches

Nearly three-quarters (74 percent) reported their organization has experienced a data breach as a result of a mobile security issue, the survey found.

lookout and mobile security

The vast majority of businesses are dealing with mobile security issues, but most are unprepared for them, according to a survey of 100 IT leaders by Lookout, a mobile security vendor and research firm IDG.

Nearly three-quarters (74 percent) reported their organization has experienced a data breach as a result of a mobile security issue, with 38 percent saying that it was due to software vulnerabilities and 36 percent attributing it to malware.

In addition, 82 percent of those surveyed said the majority of their corporate data is accessible to users via mobile devices, and 95 percent believe that data on or accessed by mobile devices brings increased risk of a data breach.

"As mobile productivity increases, employees are creating, consuming, sharing and storing more and more corporate data on their smartphones and tablets—everything from email and login credentials to highly sensitive financial reports," Aaron Cockerill, vice president of products at Lookout, told eWEEK. "If your data is mobile, so should be your security—and a key part of that is raising awareness among employees about how their actions could put their organization at risk."

Cockerill said educating employees about mobile security is incredibly important but often overlooked, which explains why many employees--and employers for that matter--have a false sense of security when it comes to mobile devices, and that misunderstanding needs to be cleared up.

Lookout recently conducted a survey of U.S. federal employees, which found that federal workers are willing to sacrifice government security to use a personal mobile device at work.

The report found 58 percent of respondents were aware of the security consequences of using their personal mobile phones for work, yet 85 percent of them will use their phone for potentially risky activities anyway.

"People value their convenience very highly and usually will take the path of least resistance to accomplish their goals— risky or not," Cockerill said. "Employee education is important, but the proper security technologies that offer visibility into what’s actually happening on systems is also required."

Ninety percent of those surveyed said they are making mobile security a priority to increase their investments in this area over the next 12 months.

"One of the most surprising things came from an interview the report author did with one of the respondents who reported that it took them over a month to trace a breach back to a mobile security issue. Imagine the damage that can be done in a month," Cockerill said. "This is why enterprises need visibility into the threats and risks that mobile devices introduce, so the issue can be remediated before significant damage is done."