A few months ago, Apple devices were the victim of a large-scale cyber-attack, the largest in the company’s history. The company had to withdraw more than 50 iPhone, iPad and Mac apps from the App Store as they installed malicious software that allowed criminals to control users’ devices remotely and steal personal information.
So you see, not even the company with the half eaten apple logo, which boasts about the security measures applied to their technologies, is free from falling into cyber-criminals’ traps. Smartphone attacks pose a great risk to device security and data privacy, and this is even worse in work environments.
According to a recent report from renowned research institute Ponemon, the number of employees using personal devices to access corporate data has increased 43 percent over the last few years, and 56 percent of corporate data is available for access from a smartphone.
The consequences of this situation can be translated into economic figures. A single infected smartphone can cost a company over €8,0000 on average, and the estimated global figure for all cyber-attacks over an entire year can reach €15 million.
Researchers interviewed 588 IT professionals from companies in the Forbes Global 2000 list (a list of the word’s biggest public companies) to know their opinion about mobile security. 67 percent of respondents believed it was very likely that their company had already suffered data leakage, as employees could access sensitive and confidential corporate data from their smartphones.
However, there are still more reasons for concern.
When asked about what data could be accessed by employees, most of the interviewees showed little knowledge. Workers could access far more information than IT security heads thought, including workers’ personal data, confidential documents and customer information.
Luckily, there is also good news. According to the report, 16 percent of a company’s budget is invested in mobile security, a percentage that is expected to reach 37 percent.
Additionally, more than half of the companies that took part in the study had some type of system in place to manage the data accessible to employees through their smartphones, as well as security measures such as lists of malicious apps, authentication systems and platforms to manage user access and accounts.
Researches don’t believe that going back to the past or banning the use of personal devices for work purposes are effective measures, as working in the cloud and virtual environments is increasingly common. That’s why they suggest that the solution should be to set clear limits to the information that can be accessed from personal devices, and educating employees about the risk of such practices and the available tools to neutralize them, such as those provided by Panda Security.