SMBs Face Growing Security Threat From BYOD

Nathan Eddy is a contributor to eWeek and TechWeekEurope, covering cloud and BYOD

Follow on: Google +

Mobile devices are posing a growing security threat to SMBs, who often do not have adequate tools and software

Small businesses are facing an increased risk from mobile devices that are now flooding into the workplace.

So said Mobilisafe, a Seattle-based mobile security company, following the interim results of its small and midsized business-focused (SMB-focused) beta study.

As part of the beta, SMB participants evaluated a product that provides visibility to all mobile devices accessing their company’s network.

BYOD Threat

Over the course of 3 months, Mobilisafe mapped more than 38 million employee mobile device connections that provided key data for their analysis and interim results. The majority of SMB’s are highly mobilised, driven by the bring-your-own-device (BYOD) trend of recent years, but SMB IT managers significantly underestimate the number and kinds of mobile devices connecting to their network.

In addition, SMB IT departments lack solutions to map their corporate standard for information security used with laptops, desktops and servers to mobile devices. For example, they have tremendous difficulty determining if mobile devices are up-to-date with the latest firmware. Even though there are serious concerns about data risk on mobile devices, the survey indicated SMBs do not feel they have adequate tools to determine those risks and respond to them.

This lack of visibility to mobile devices and their usage can have serious consequences, especially when employee-owned devices are lost, stolen or resold to others outside the company, the report noted. On average, 80 percent of the employees are already using smartphones and tablets, and a new device model was introduced to a company for every 6.6 employees, the survey found. The survey also found 56 percent of iOS devices were running out-of-date firmware and 39 percent of total authenticated devices were inactive for more than 30 days, prompting concerns and conversations with employees about lost, sold or otherwise misplaced devices with employee credentials and sensitive corporate data.

Resource Issue?

“We know that SMB IT departments are severely resource constrained, and do not have the time to get ahead of the issues introduced by an increasing diversity of devices brought to work by employees,” said Giri Sreenivas, CEO of Mobilisafe. “This study confirms the severity of the issues, and the need for a solution that makes it simple to see, assess and respond to these risks.”

The accelerating adoption of smart devices and growing number of available products is creating a large reseller market for replaced devices.

For example, Motorola recently announced that approximately 100 out of a batch of 6,200 Xoom WiFi tablets that were refurbished by Motorola Mobility may not have been completely cleared of the original owner’s data, including passwords, prior to resale.

Half of mobile devices sold on eBay still contain personal information on them, according to an informal survey by mobile and forensics specialist Disklabs.


How much do you know about smartphones? Take our quiz!

Read also :