New Stats Regarding Mobile Security
This post is also available in: 
עברית (Hebrew)
Enterprises continue to fail when it comes to protecting corporate data on mobile apps and devices, according to the Mobile Security and Risk Review, by MobileIron at the 2016 U.S. Black Hat Conference.
James Plouffe, Lead Architect, MobileIron told securitymagazine.com: “The velocity of mobile attacks is increasing but the latest data shows that enterprises are still not doing the things they could do to protect themselves. This demonstrates that enterprises are alarmingly complacent, even when many solutions are available”.
The report outlines several new mobile attacks which have emerged that threaten enterprises. Most are simply re-using old tactics against mobile-specific services, rather than employing new techniques or exploiting new vulnerabilities. However, when attacks against users are successful, they can result in the loss of both personal and business data.
The following mobile attacks are few among many which have either emerged or worsened in the last six months:
Android GMBot: This spyware remotely controls infected devices in order to trick victims into providing their bank credentials.
AceDeceiver iOS malware: This malware is designed to steal a person’s Apple ID.
The top 10 consumer unmanaged apps most often blacklisted by enterprises changed from Q4 2015 to Q2 2016. New entrants to the top 10 list include Line and Evernote. The top 10 consumer unmanaged apps most often blacklisted in Q2 2016 include: Dropbox, Facebook, Angry Birds, Skype, Line and many more highly popular apps.
“When an unmanaged app that can potentially access corporate data or bypass corporate security measures achieves broad consumer adoption, IT departments look to blacklist it because they can’t protect corporate data in an app they don’t manage,” said Plouffe.
Government organizations are known for having some of the most stringent security requirements. Paradoxically, extensive approval processes make it difficult for these organizations to keep pace with change, which can make them more vulnerable.
Globally, Government organizations are less prepared to deal with security incidents than the global average. 61% of Government organizations have at least one non-compliant device, compared with the global average of 53%.48% of Government organizations have missing devices, compared to the global average of 40%.34% of Government organizations had devices operating under outdated policies, compared to the global average of 27%.
