A report created by mobile threat defence firm Skycure suggests that 4% of all smartphones used in enterprise contain malware. Possibly more concerning is that they found that any organisation with 200 or more mobile devices contained at least one device with malware.
The Mobile Threat Intelligence Report (available for free here) suggests that a balance must be met in securing a business’s mobile devices whilst also giving them the flexibility to use the devices without restrictions. A mobile device connected to an enterprise network often has access to swathes of shared data, or even when disconnected from the network may contain confidential data on the device itself. This proximity to sensitive data makes the findings that much more alarming.
Other conclusions found by the study suggested that traditional malware was not the source of most mobile vulnerabilities. Network Threats, such as MITM attacks, or XSS were 5 times more likely to occur than malware on the devices analysed. This suggests that traditional network monitoring systems should be prioritised above device-based anti-malware software. The remainder of the issues on these devices resulted from configuration vulnerabilities which can be solved by having proper policy management or user education, however, as we often see, the biggest vulnerability in any system is often the user.
Skycure is the leader in mobile threat defense, detecting and preventing cyber attacks without compromising the user’s privacy or mobile experience. The report in question is based on millions of monthly security tests from January through March 2016 and includes both unmanaged devices and those under security management in enterprise organizations.