Six mobile security fears that keep CISOs up at night

By Karin Kelley

| Healthcare

Many of us have fears, rational or otherwise, and CISOs and other security professionals are no exception. After all, with reports of serious data breaches surfacing all too often these days, who could blame CISOs for being on edge?

The following are six of the most common mobile security fears among enterprise executives:

1. BYOD

Whether CISOs like it or not, employees are accessing corporate data and apps on their personal devices. Besides the fact that these devices could be lost or stolen, it’s also difficult to stay on top of constant upgrades to multiple operating systems. Further, employees are probably downloading unsanctioned mobile apps that are not inherently secure and are likely sharing documents on cloud-based collaboration platforms.

2. Commingling of personal and business data

When employees use their personal devices for business reasons, they run the risk of exposing corporate data to malware from insecure personal apps. If the device is compromised, it is difficult for IT to pinpoint which data should be wiped. If they wipe personal files, employees often become disgruntled and ultimately unproductive.

3. Compliance

Highly regulated industries such as healthcare and finance face harsh penalties and potential reputational loss if sensitive data is compromised. Unfortunately, these industries are common targets. It can be difficult to develop cross-departmental procedures between IT, HR and legal to manage this risk, as many organizations still work in a siloed manner with separate, unintegrated systems.

4. Keeping track of mobile apps

Most users don’t pay attention to the permissions of mobile apps they download, putting sensitive corporate data at risk. Vulnerable mobile apps account for a majority of data breaches, and when users retain full control over their personal devices, it is difficult for security administrators to determine which apps they need to worry about. It’s often only after a breach that IT discovers which apps pose a security threat.

5. Unmanaged devices

Many employees access corporate data and apps from more than one device, making mobile device management a huge problem for CISOs. Given that many devices are jailbroken and rooted, security administrators have no way of determining whether they are compromised, infected with malware or being accessed by an unauthorized user posing as a legitimate one.

6. Missing warning signs

Security administrators are constantly bombarded by vast quantities of data from logs, network activity and other sources, making it difficult to manage mobile security. Organizations often have outdated security monitoring and analytics platforms that can’t keep up with the new constantly evolving threats.

As mobility continues to grow, today’s CISOs face major challenges when it comes to mobile security. Their fears are valid given that malicious hackers are becoming increasingly clever and widespread, but there is light at the end of the tunnel — as long as enterprises invest in the right mobile tools to keep their assets safe.

Written By

Karin Kelley

Independent Analyst & Writer

Karin is an independent industry analyst and writer, with over 10 years experience in information technology. She focuses on cloud infrastructure, hosted applications and services, end user computing and related systems management software and services. She spent nearly eight years…

Other Articles by Karin Kelley
See All Posts