Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

5/14/2013
03:59 PM
Don Bailey
Don Bailey
Products and Releases
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Security Biggest Success Measure For BYOD, New Report Finds

Lumension Security report examines how companies are responding to the security threats presented by the influx of mobile devices on the company networ

A recent survey conducted by Holger Schulze's Information Security Community group on LinkedIn finds that security is both the top concern and top measure for success for enterprises implementing BYOD programs. The BYOD and Mobility Security Report, sponsored by Lumension®, a global leader in endpoint management and security, examined the benefits of BYOD, drivers for implementing a BYOD program and how companies are responding to the security threats presented by the influx of mobile devices entering corporate networks.

BYOD is of interest to many enterprises, with close to 20% widely supporting privately-owned devices, an additional 35% saying BYOD is under evaluation, and some 40% of respondents still supporting company-owned mobile devices. These programs provide many benefits to employees and enterprises alike, including improved employee satisfaction, productivity and mobility, each cited by over 50% of respondents as a primary driver and benefit of BYOD.

However, security is also a very big concern and was cited by 70% of respondents as the top criteria for success, even over employee productivity, cited by 54%. Respondents fear a loss of company or client data, unauthorized access and malware infections, and many say they lack the resources necessary to address these security concerns. In fact, almost a third of organizations say that they do not have even a basic BYOD policy in place to help mitigate some of the risk.

"What is concerning to me is the lack of security that is actively implemented, according to survey respondents," said Paul Zimski, vice president of solution marketing at Lumension. "Over a third of organizations have no security at all and most are relying on just encryption. Encryption is great if the device is lost or stolen, but it does little good against something like a phishing attack. In the end, a mobile device is an endpoint, subject to the same attacks we protect against on so-called traditional endpoints. Encryption simply is not enough."

Mandatory use of encryption was cited as a risk control measure for mobile devices by 40% of respondents. Encryption is considered best equipped to deal with lost or stole devices, which was the third ranked security concern, after lost data and unauthorized access. When asked if they felt ready for a full enterprise BYOD adoption, only 6% responded that their organization was 100% ready, while the majority of respondents claimed to feel less than 50% ready for BYOD.

The BYOD and Mobility Security Report surveyed 1,650 information security professionals around the world through Holger Schulze's Information Security Community group on LinkedIn. The majority of respondents were information security specialists in organizations of 10 - 99 employees. A full breakdown of the survey results is available online here. You can read Paul Zimski's blog post discussing the survey here.

Supporting Resources:

· Survey Results

· Optimal Security Blog

· Lumension on Twitter

About Lumension Security, Inc.

Lumension Security, Inc., a global leader in endpoint management and security, develops, integrates and markets security software solutions that help businesses protect their vital information and manage critical risk across network and endpoint assets. Lumension enables more than 5,100 customers worldwide to achieve optimal security and IT success by delivering a proven and award-winning solution portfolio that includes Vulnerability Management, Endpoint Protection, Data Protection, Antivirus and Reporting and Compliance offerings. Lumension is known for providing world-class customer support and services 24x7, 365 days a year. Headquartered in Scottsdale, Arizona, Lumension has operations worldwide, including Virginia, Texas, Utah, Florida, Ireland, Luxembourg, the United Kingdom, Australia and Singapore. Lumension: IT Secured. Success Optimized.&trade More information can be found at www.lumension.com. Don A. Bailey is a pioneer in security for mobile technology, the Internet of Things, and embedded systems. He has a long history of ground-breaking research, protecting mobile users from worldwide tracking systems, securing automobiles from remote attack, and mitigating ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: I can't find the back door.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21275
PUBLISHED: 2021-01-25
The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of Medi...
CVE-2021-21272
PUBLISHED: 2021-01-25
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the ...
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting