Mobile devices are the weak links in the security chain, providing easier direct access to more valuable organisational assets than any other intrusion point.
This is one of the biggest findings from the Checkpoint 2015 Security Report. The report is based on collaborative research and analysis of over 1 300 organisations, including 39 from SA, over 300 000 hours of monitored network traffic, from more than 16 000 threat prevention gateways and one million smartphones.
According to the study, for an organisation with more than 2 000 devices on its network, there is a 50% chance there are at least six infected or targeted mobile devices on the network.
It reveals 72% of IT providers agreed their top mobile security challenge is securing corporate information, and 67% said their second biggest challenge is managing personal devices storing both corporate and personal data.
Major concerns
Presenting the findings of the report yesterday in Johannesburg, Doros Hadjizenonos, country manager of Check Point SA, said the Checkpoint 2015 Security Report findings correlate with those of a security survey of South African organisations, conducted by Check Point and ITWeb earlier this year.
The local survey determined that even though 70% of respondents allow personal devices to connect to their networks, 80% cited lost or stolen information as the greatest mobile security concern, and 29% felt adequate steps to decrease mobile security incidents were not being taken within their organisations.
Hadjizenonos believes to mitigate the risks presented by mobile devices, organisations need to start taking mobile security seriously and user awareness should be the first step. He pointed out mobile security is not at a level where it should be.
"There are lots of solutions available that can separate business content from private content and applications," he said. Organisations can also establish a sound policy on what data is going to be allowed on mobile devices based on a user's access and how it will be secured. The policy should also cover how a user and IT department should react to a security incident should it happen, Hadjizenonos urged.
As an example, he said encryption of data is one way of protecting the data sitting on mobile devices and ensuring only the authorised individuals have access to it.
Tarryn Maitland, channel manager at Check Point SA, said thanks to mobile devices, security is no longer only about protecting the business but the attack vectors are even extending into the home.
Risky business
The report also found corporations frequently rely on applications to help their business be more organised and streamlined. However, these applications become vulnerable points of entry for businesses.
Some applications, such as file sharing, are obviously risky. The rise of 'shadow IT', applications that aren't sponsored or supported by the central IT organisation has led to even riskier business, Check Point notes.
The research revealed 96% of organisations studied used at least one high-risk application in 2014, a 10-point increase from the previous year. Check Point research also unveiled 12.7 high-risk application events happen every hour.
This creates many opportunities for cyber criminals to access the corporate network - that is risky business, said Hadjizenonos.
Malware rose at alarming rates in 2014. This year's report revealed 106 unknown malware hit an organisation every hour: 48 times more than the 2.2 downloads per hour reported in 2013.
Unknown malware will continue to threaten the enterprise in the future, says Check Point. Even worse than unknown malware is zero-day malware, which is effectively built from scratch to exploit software vulnerabilities, of which vendors are not yet even aware, it adds.
Bot attacks
According to the study, cyber criminals continue to use bots to amplify and accelerate the spread of malware. Some 83% of organisations studied were infected with bots in 2014, allowing constant communication and data sharing between these bots and their command and control servers.
"When it comes to cyber security, we can no longer segment threats on a country-by-country basis. The same threats that cripple multinational organisations in America can take down an SME in South Africa - malware does not discriminate when it comes to organisation size or territory," noted Hadjizenonos.
"The Internet has made the world a very small place, and new malware can infect millions of devices all over the world in minutes."
Share