10 terrifying facts about mobile security (and what you can do about it)

Mobility is a must for the enterprise, but phones get stolen, hackers hack stuff and, combined, these present a real challenge for the enterprises to simultaneously fulfill business goals while solving security concerns.

The situation:

78 per cent of enterprises agree - mobility is a strategic imperative for (their) organisation’s success (Cisco) and Gartner estimates that 70 per cent of mobile professionals will conduct their work on personal smart devices by 2018. In 2014, 1.6 billion personal devices were used in the workplace. Increasingly, businesses are looking to gain competitive and operational advantage by providing mobile applications to their employees – but what kind of increased threat to the enterprise does this bring? And what can enterprises do about it?

The problem:

We are human

1. Over 5 million smartphones are stolen annually in the US (Consumer Reports)

2. 1 in 10 users actually report loss of confidential company data (IDG)

3. Mobile theft has led to a $30bn (£21bn) black market economy (Oracle)

Targeted attacks

4. A ninefold increase of more mobile banking Trojan attacks from 2013 to 2014 (Kaspersky)

5. 90 per cent of enterprises use third-party commercial applications and 75 per cent of these will fail basic security tests (Gartner)

6. 75 per cent year-on-year increase in U.S. mobile malware rates in 2014 (Lookout)

Threats to the enterprise and its ability to respond

7. 47 per cent of enterprises say that the top obstacle for their mobility initiatives is the security risk (Cisco)

8. 68 per cent of respondents admit that their organisation has suffered a mobile security breach in the last 12 months (BT)

9. 74 per cent of respondents report their organisations have experienced a data breach as a result of a mobile security issue and 44 per cent have experienced mobile malware infections (IDG)

10. 69 per cent of enterprises consider lost or stolen devices the biggest threat (CompTIA)

The need and the solution

Traditionally, the answer to this problem has been 'secure the endpoint'. However, locking down devices developed into a never-ending arms race between hackers and the enterprise. Despite increasing the installation of intrusive security software, mobile hacking continues to rise. Focusing on the mobile endpoint is a battleground where enterprises just can’t win.

One solution is virtualising the entire mobile experience, minimising the surface area of attack. The mobile OS, and all of the apps that run on it, can sit in a secure enterprise class datacenter. For instance, our own virtual 'devices' leave no data-at-rest, reducing the risk of malicious software residing on the physical endpoint. Essentially, we treat the end user’s device (be it personally or corporately owned) as a dumb terminal, where the only stream going to the handset is a video stream and no data transits the wire.

Virtualisation can remove the concerns of mobile security by moving the mobile battlefield to the cloud – problem solved.

Will Scott at Hypori