Mobile devices expose company data to vulnerabilities
Mobilisafe announced results of its SMB focused study. As part of a private beta program, participants evaluated a product that assesses the security risk of mobile devices accessing their company’s network.
Over the course of 4 months, Mobilisafe’s mobile security product mapped pre-existing and newly discovered vulnerabilities to devices. More than 134 mobile operating system and application vulnerabilities were analyzed during the study, segmented by degree of severity from low to high.
This analysis uncovered the following insights:
- SMBs are exposed to high severity vulnerabilities from the increasing levels of mobile devices used to access and download company data
- SMB IT managers cannot keep up with the rate of discovery of severe vulnerabilities these devices bring to their corporate network
- SMB IT departments lack a standardized approach to mitigate the risks from different types of mobile devices, as they do with laptops, desktops and servers
- Even though they feel exposed to mobile device security risk, SMBs do not feel they have adequate tools to assess and mitigate these risks at a granular level.
Increasingly, application and operating system vulnerabilities are being exploited to compromise security models that isolate and protect company data. Company data is at risk of being leaked off the device and company servers are at risk of being attacked by mobile devices already authenticated to access company resources.
As IT managers have learned from security risk management in the desktop, laptop and server ecosystem, proactively addressing vulnerabilities pre-empts exploits from jeopardizing company data.
Some key data from the study:
- 71% of devices in the study contained high severity operating system and application vulnerabilities
- A new high severity vulnerability was mapped on average to mobile devices every 1.6 days, which is 4x faster than in 2011
- 38 different OS versions in the study contained high severity vulnerabilities
- There would be a 4x drop in the percentage of devices with severe vulnerabilities if the devices were updated to the latest available firmware.