ZONE SE7EN > Blog > Mobility > Mobile Malware is on the up!

Mobile Malware is on the up!

  • By Allie Philpin 
  • Category: Mobility 
  • Comments (0) 

By Allie Philpin

It’s 10 years since we experienced Cabir; a worm that infected Symbian-based devices and spread via Bluetooth as a .sis package.  Since then, mobile devices and security seem to have run wild as incidents of mobile malware are significantly on the increase.  And it seems, says a survey about enterprise security carried out by InformationWeek last year, many security professionals are still in the dark about what devices – mobile, laptops, tablets, etc. – have access to their networks.

InformationWeek’s 2013 Mobile Security Survey revealed that the principal worry among IT security professionals, 78% of 424 survey participants, is stolen or lost devices, irrespective of the device being provided by the company of a personal device that holds corporate data.  36% of respondents said that corporate information being stored in the cloud was of great concern, too; in fact, it is the second highest concern.

As the concerns about mobile security rise, around 46% of security professionals are now working on mobile device management, developing policies and security protocols such as power-on passwords for mobile devices that are used to access enterprise content.  But many, 42% of respondents, admit that they don’t have any malware scanning software installed, whilst just 39% state they have software for mobile device management in place.

The survey revealed further key findings:

•    Encouragingly, 53% of survey respondents have to enter a password length that is more than 4 characters in length.
•    45% say that they allow any mobile device to access the corporate network as long as the user has agreed to the organisation’s corporate policies… but it isn’t enforced!
•    22% of security professionals admit they are worried about mobile devices being rooted or jail-broken by users.
•    Whilst just 7% (thankfully!) of respondents say that they do not have any password-strength policy in place.

These statistics are extremely worrying, when you consider that in the past 12 months, 11% of respondents have experienced a data loss that required public disclosure, and even more alarming is the fact that 45% of mobile devices that hold enterprise data have been missing in the same timeframe!  There are also organisations, 28% according to the survey, that don’t adhere to any regulations, such as HIPAA, PCI-DSS, SOX  or any state-level disclosure laws, yet many do.  And the number one excuse for not managing mobile device security?  Well, there’s two actually… one is a lack of skills, and the other is financial with 16% of respondents citing costs.  But at the end of day, can organisations really afford not to ensure their corporate data on mobile devices is secure?  Not really…

Subscribe to our mailing list

* indicates required Email Address * First Name * Last Name *