Vulnerable Mobile Apps - A Fuel for Mobile Security Threats

By CIOReview | Wednesday, October 14, 2015

FREMONT, CA: The elevation in mobile access of corporate data has strategically arose mobile security threat for enterprises, on the other hand mobile communications and services became priority in business technology agenda which demands countermeasures against increasing breaches.

The mobile apps deployed and adopted by enterprises do not go through a security vetting process, acting as fuel for mobile security threats, reports Georege Leopold for ENTERPRISETECH. According to IDG Research, 74 percent enterprises have to face data breaches because of inadequate mobile security and 38 percent have experienced adversities due to software vulnerabilities. The survey suggests that organizations should consider establishing permanent connectivity on a network outside of enterprise control with mobile devices.

Though organizations are lighting the candle to meet the emerging need for better detection of malware and enhanced data protectors, in this emerging BYOD work environment mobile devices are the target of all cyber criminals. Phil Britt of eSecurity Planet reports that, most of the employees don’t carry responsibility of enterprise data security giving way for connection hijacking that exposes massive amounts of sensitive data. Firm security policies including rules for authentication, PII restrictions for email and restricted usage of passwords and PINs may prove advantageous to lower the level of risk.

"A mobile device policy should be part of the onboarding process; it should be read and signed off on before new employees receive their company device or access company resources with their personal device," says Jeffrey Smith, IT security officer at Wombat Security Technologies.

Gartner in its report recommends IT security professionals to leverage network access control methods, to follow enterprise mobility management baseline such as complex and strict retry standards for passcodes, specific minimum and maximum versions of platforms and operating systems and certified access to business email, virtual private networks, Wi-Fi and shielded apps.