The lightning fast pivot by many businesses to a work at home model in the COVID-19 pandemic has resulted in many seeing mobile devices as their biggest IT security threat, a new study said.
Roughly half of businesses in Verizon’s newly released Business Mobile Security Index 2021 said that changes they made to remote working practices during the pandemic’s lockdown had hurt their company’s cybersecurity profile. Four in 10 of the survey’s 856 IT professionals across the U.S., U.K. and Australia now see mobile devices as their company’s biggest IT security threat.
Nonetheless, 45 percent of those companies willingly sacrificed the security of their mobile devices to “get the job done,” the report said. Similarly, nearly one-quarter put aside locking down their mobile devices to make it easier to deal with restrictions prompted by the pandemic.
The bottom line: Cyber criminals could sharpen attacks on mobile devices used by remote workers with access to corporate networks. “While businesses focused their efforts elsewhere, cyber criminals saw a wealth of new opportunities to strike,” said Sampath Sowmyanarayan, Verizon Business chief revenue officer. “With the rise of the remote workforce and the spike in mobile device usage, the threat landscape changed, which for organizations, means there is a greater need to hone in on mobile security to protect themselves and those they serve.”
Here are additional data from the study:
- 70% expect remote working to fall after pandemic restrictions are lifted.
- 78% expect remote working to remain higher than before lock down.
- Respondents predicted that the number of remote workers will ultimately stabilize at about half of the workforce.
- Small and medium-sized businesses (SMBs) are more of a target for hackers than larger enterprises, according to 52% of the respondents.
- 59% of SMBs sacrificed security for mobile device usage.
- 22% were victimized by an attack on mobile devices.
- 78% said they should take mobile device security more seriously.
- 72% of organizations are worried about device abuse or misuse.
- 57% of companies don’t have an effective Acceptable Use Policy (AUP).
One significant problem companies face with mobile security is that most are not set up to be “mobilized,” said Saryu Nayyar, chief executive of Gurucul, an El Segundo, California-based real-time unified security and risk analytics provider. “Sending a member of your IT staff out into the residences of employees to set up remote access, the availability of network library shares and FTP up/downloads is largely out of the question,” she said. “The more local control you release by expanding the workplace beyond a secure, hard-wired network, the greater the security threats to your work environment.”