Mobile

11/27/2018
09:45 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

More Than Half of Companies See Rise in Mobile Security Threats: Bitglass 2018 BYOD Report

43 percent of firms do not know if devices accessing corporate data have downloaded malware.

CAMPBELL, CA - Nov. 15, 2018 - Bitglass, the Next-Gen CASB company, has released its 2018 BYOD Security Report. The analysis is based on a survey of nearly 400 enterprise IT experts who revealed the state of BYOD and mobile device security in their organizations.

According to the study, 85 percent of organizations are embracing bring your own device (BYOD). Interestingly, many organizations are even allowing contractors, partners, customers, and suppliers to access corporate data on their personal devices. Amidst this BYOD frenzy, over half of the survey’s respondents believe that the volume of threats to mobile devices has increased over the past twelve months.

“While most companies believe mobile devices are being targeted more than ever, our findings indicate that many still lack the basic tools needed to secure data in BYOD environments,” said Rich Campagna, CMO of Bitglass. “Enterprises should feel empowered to take advantage of BYOD’s myriad benefits, but must employ comprehensive, real-time security if they want to do so safely and successfully.”

Key Findings

● Organizations are embracing BYOD, making it available to employees (76 percent), contractors (27 percent), partners (25 percent), customers (22 percent), and suppliers (19 percent).

● 51 percent of respondents believe the number of threats targeting mobile devices has increased in the past year. Unfortunately, only 30 percent of firms are confident that they are properly defending against malware on personal and mobile devices.

● 30 percent of enterprises cite company security concerns as the leading inhibitor to BYOD adoption; specifically, they are worried about data leakage (61 percent), unauthorized data access (53 percent), and the inability to control uploads and downloads (53 percent).

● One in five organizations lacks visibility into basic, native mobile apps (like email) on personal devices.

● Only 56 percent of companies can employ key functionality like remote wipe for removing sensitive data from endpoints.

Methodology

Bitglass partnered with a cross-industry cybersecurity community to survey nearly 400 IT experts about the state of BYOD security in their organizations. To learn more, download the 2018 BYOD Security Report here: https://pages.bitglass.com/MissionImpossibleSecuringBYOD_LP.html

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark Reading,  4/17/2019
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor Networks,  4/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-11469
PUBLISHED: 2019-04-23
Zoho ManageEngine Applications Manager 12 through 14 allows FaultTemplateOptions.jsp resourceid SQL injection. Subsequently, an unauthenticated user can gain the authority of SYSTEM on the server by uploading a malicious file via the "Execute Program Action(s)" feature.
CVE-2013-7470
PUBLISHED: 2019-04-23
cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allows attackers to cause a denial of service (infinite loop and crash), as demonstrated by icmpsic, a different vulnerability than CVE-2013-0310.
CVE-2019-11463
PUBLISHED: 2019-04-23
A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive through 3.3.3 allows remote attackers to cause a denial of service via a crafted ZIP file because of a HAVE_LZMA_H typo.
CVE-2019-0218
PUBLISHED: 2019-04-22
A vulnerability was discovered wherein a specially crafted URL could enable reflected XSS via JavaScript in the pony mail interface.
CVE-2019-11383
PUBLISHED: 2019-04-22
An issue was discovered in the Medha WiFi FTP Server application 1.8.3 for Android. An attacker can read the username/password of a valid user via /data/data/com.medhaapps.wififtpserver/shared_prefs/com.medhaapps.wififtpserver_preferences.xml