In recent months, there has been a lot of publicity around BYOD (Bring Your Own Device). Respectfully, this forward thinking personalizes work culture for employees as well as provides cost savings by scratching mobile device purchases off the list of company spending. Since BYOD provides the opportunity for individuals to act as their own administrators in a sense, mobile security vulnerabilities pose an ever increasing challenge for many companies securing their sensitive data.
Leaving mobile security out of integrated security strategies opens your network to breaches, and with more people conducting work related projects on their mobile devices, the gap widens for malicious attackers to slip through and compromise information. In a May 2012 survey by Informationweek focusing on BYOD, 86 percent of respondents permit use of personally owned devices at work now, with 80 percent of mobile devices requiring only passwords for mobile devices that access enterprise data/networks. Even scarier, just 14 percent require hardware encryption, which leaves a large opening for vulnerability exploitation.
The threats to mobile phones and tablets have been around for a long time. As mobile technology skyrockets to the point that cell phones are now hand held computers, threats to PCs, smartphones and tablets are one in the same. There are initiatives striving to bring the same security measures for PCs and servers to mobile devices, while still allowing workers to personalize their work efforts. Staying ahead of the curve is key. Marc Maiffret, founder of eEye and now CTO of BeyondTrust believes, “desktops and servers are still much bigger targets, which means there’s still time to figure out the mobile security questions.”