data-boardroom
Mobile Working

The Mobile Data Report uncovered - moving past data issues

This is a contributed piece by Eldar Tuvey, CEO of Wandera

 

Now more than ever, enterprises need to stay on top of their mobile security and data usage trends, and monitor traffic patterns across their entire fleets of employee devices. Failing this, businesses could incur severe breaches of company data.

There is no doubt that awareness and investment in cyber security is on the rise – according to IDC the worldwide enterprise security software market will grow to $3.21 billion in 2020. But dangers still remain. In order to educate enterprises on the continuing threats employee devices are exposed to, Wandera has published its quarterly Mobile Data Report (MDR) for Q1 2016. The report reveals a number of worrying statistics from enterprise mobile devices that continue to endanger the privacy and productivity of businesses.

The findings from this report alerts enterprises to the severity of the issues that are continually affecting mobile devices, and also gives proactive suggestions on how to combat them. 

 

Sensitive data is continuing to leak

In December 2015, Wandera announced the discovery of the CardCrypt security flaw affecting sixteen high profile companies. The study revealed each company had failed one of the most basic security requirements – not fully encrypting the traffic to the payment pages of their mobile website or app. This meant that customers who used these services were unknowingly at risk of having their information stolen. Ranging from entire passport to credit card details, employees and companies were unintentionally exposing themselves to damaging situations.

Regrettably, the MDR uncovered a continued rise in apps and mobile websites leaking credit card data, with several new cases from prominent brands including the Hong Kong metro system. It identified a 17% increase (Q1 2016 vs Q4 2015) in apps and mobile websites leaking credit card data, alongside a particular growth in password, email, location and user ID leaks.

Wandera is in contact with these sites and apps to rectify and assist in pinpointing the root causes of the issues, but it raises the question – how does this keep happening? While the problem is being addressed by the app developers and companies themselves, enterprises need to protect their mobile devices and their employees.

 

Avoiding malicious domains

Among the key findings within the report is the unusually high and accelerated growth in malicious domains visited by users in Q1 2016. A massive 200% increase per month throughout the quarter was attributed to a rise in ad frameworks used within apps and websites that are directing users to domains with a history of malicious activity. Users are not directly exposed to the malicious domains since they are only preloaded in a compromised advert, however a wrong tap in a game or in an app might be enough for the user to be redirected to an unofficial app store, fake website or to be directly offered the installation of a malicious app.

While the report revealed that improved education seems to be helping users avoid visiting malicious websites through typical routes (phishing attacks or risky browser use), users are nonetheless increasingly being exposed to malware. CIOs must help their employees with further detailed education on what may constitute a compromised ad, and how to stay safe in a mobile world.

 

Data usage in the enterprise

The report revealed the top 10 apps by data usage on enterprise devices in Q1; while email and Safari were unsurprisingly representative of the majority of data usage (34%), five of the remaining eight were all non-work related: Facebook (10%), Instagram (3%), Twitter (2%), WhatsApp Messenger, Spotify Music and Snapchat (all 1%). Combining email, video and social networks account for 49% of total data used.

The findings suggest that CIOs need to be appreciative of how non-work-related apps such as Facebook and Snapchat consume huge portions of corporate data allowances, possibly resulting in the risk of enterprise bill shock. Policy controls, which restrict access, and education, need to be in place to implement an effective means of minimising excessive consumption of data.

The leaks, hacks and unplanned attacks will continue to happen. Enterprises need to be in control of their mobile fleets and truly understand what is happening on their devices. We believe that in-depth knowledge of employee mobile data traffic is the crucial first step to secure enterprise mobility.

PREVIOUS ARTICLE

« Barbie starts a new career - as a game developer

NEXT ARTICLE

A non-dystopian future of robot co-workers »
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail

Recommended for You

Trump hits partial pause on Huawei ban, but 5G concerns persist

Phil Muncaster reports on China and beyond

FinancialForce profits from PSA investment

Martin Veitch's inside track on today’s tech trends

Future-proofing the Middle East

Keri Allan looks at the latest trends and technologies

Poll

Do you think your smartphone is making you a workaholic?