Security Market Segment LS
Thursday, 25 August 2016 10:13

Mobile threats up – so what?

By

Despite an increase in mobile threats, Australian enterprises are not adopting adequate mobile security measures, according to new data released by MobileIron.

A leader in enterprise mobile management (EMM), MobileIron demonstrates that despite mobile threats being on the rise, only 7% of Australian companies are enforcing operating system updates and fewer than 5% are using app reputation or mobile threat detection software.

Most new mobile attacks re-use working tactics, such as SideStepper’s use of man-In-the-middle (MITM) against mobile device management (MDM) servers. When these attacks are successful, they can result in the loss of both personal and business data.

  • AceDeceiver iOS malware: This is designed to steal a person’s Apple ID.
  • SideStepper iOS “vulnerability”: This technique was discovered to intercept and manipulate traffic between an MDM server and a managed device.
  • High-severity OpenSSL issues: These vulnerabilities can potentially impact large numbers of applications and services, which could ultimately jeopardise enterprise data-in-motion.
  • Marcher Android malware: This malware has evolved to mimic bank Web pages and trick users into entering their login information through e-commerce websites.
  • Android GMBot: This spyware remotely controls infected devices to trick victims into providing their bank credentials.

Barry Mainz, president, and chief executive, MobileIron, said, “The velocity of mobile attacks is increasing, but the latest data shows that enterprises are still not doing the things they could be to protect themselves. This lack of security hygiene demonstrates that enterprises are alarmingly complacent, even when many solutions are readily available.”

MobileIron found that mobile security practices remained largely unchanged in the face of new threats. A mobile device that is secured using EMM software triggers a security incident when the device is compromised or out-of-compliance with the company's security policies.

Network administrators can respond to the notice of a security incident — often the precursor to a breach and take appropriate remedial action. When a device or app is out of compliance, then the device or app is vulnerable to attacks that can put enterprise data at risk.

In Q2, 2016, Australian businesses experienced the following trends in employee compliance incidents:

  • 64% of Australian companies had at least one device out of compliance, compared to more than 50% of companies worldwide.
  • 7% of Australian companies were enforcing OS updates, compared to 8% of companies worldwide.
  • Less than 5% of companies in Australia deployed app reputation software, the same trend as worldwide.

Australian businesses are blacklisting consumer apps

Shadow IT where apps are installed without IT approval can present malware risks or vectors for corporate data loss. If an employee downloads a blacklisted app, IT departments can set policies to automatically quarantine the device, remove access to the enterprise network, or even wipe business data and email from the device. The top 10 consumer unmanaged apps most often blacklisted by Australian enterprises include:

  • Angry Birds
  • Facebook
  • Dropbox
  • Google Drive
  • Box
  • Twitter
  • WhatsApp
  • Skype
  • Viber
  • Clash of Clans

“When an unmanaged app that can potentially access corporate data or bypass corporate security measures achieves broad consumer adoption, IT departments look to blacklist it because they can’t protect corporate data in an app they don’t manage,” said Mainz.

The data also shows that iOS use in enterprise (iPhone/iPad) is 84% of these devices, and Android is 15% due to perceived security issues.


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments