Don’t Claim to Be Aware of Cybersecurity and Fail to Secure 60% of Your Endpoints

Welcome to Cybersecurity Awareness Month.

While this month traditionally is more targeted at consumers, October is a great opportunity for all of us to step back and think about modern workflows and who is and how we are accessing our corporate data.

Here at Zimperium, we assume most of our readers are aware that a) cybersecurity exists and b) a strong cybersecurity strategy is more important than ever.  But it never hurts to review the most recent strategies and approaches that are keeping us all safe from the ever-evolving threat landscape.

Over the course of the month, we will continue to drive the overall awareness by providing context around why, specifically, mobile security needs to be front and center for your organization’s security strategy.

To kick things off, let’s discuss why in 2021, mobile security needs a bigger seat at the cybersecurity table.

Mobile devices, both corporate-owned and bring your own device (BYOD), are now the dominant productivity platform in any enterprise organization: 60% of enterprise endpoints are mobile (Source: https://www.microsoft.com/security/blog/2020/04/07/mobile-security-60-percent-problem/). You probably don’t want 60% of your enterprise endpoints to be an afterthought.

Let’s now layer some complexity onto this foundational fact:

  • 67% of employees use personal devices at work. (Source: CBS News)
  • 96% of companies with bring-your-own-device (BYOD) policies say the number of personal devices, connecting to corporate networks is growing. (Source: Dimensional Research)
  • Employees access an average of 5.2 mobile business apps daily. (Source: Syntonic)
  • In 2020, the average smartphone user had 40 apps installed on their mobile phone. (Source: TechJury)

But all of this should be fine because as we all know mobile phones are more secure than most traditional endpoints, right?

Wrong.

For the sake of time and space, let’s dive deeper into the mobile device side and save the mobile application security discussion for our next edition in the series.

Mobile devices are under-protected and disproportionately targeted despite the fact all the methods and strategies hackers use on traditional endpoints apply to mobile devices. These devices operate extensively outside of corporate firewalls, in the hands of users who may not prioritize precautions like vetting Wi-Fi networks or keeping their devices patched and updated. Mobile often represents a wandering corporate data repository. That’s why Zimperium detects an average of 600 million threat events involving enterprise mobile devices daily. 

Despite inadequate protection, mobile devices have inherent characteristics creating a larger attack surface than traditional endpoints. Cybercriminals can attack mobile devices from a variety of different threat vectors.

Suppose 60% of your enterprise-connected endpoints lack adequate management and security. Your organization cannot possibly succeed with fulfilling the expansive requirements of security frameworks such as Zero Trust, which is exactly the mandate that many multinational organizations and government agencies are being handed.

So what’s the path forward at this moment in time for enterprises looking to provide coverage for their mobile attack surface?

Modern enterprise mobile security solutions must meet two equally important criteria in order to meet the current and ongoing challenges presented by mobile devices:

  1. They need an advanced technology solution that leverages machine learning to protect against device, network, application and phishing attacks
  2. They need a solution that fits into their existing security ecosystem integrating with the EPP, UEM and EDR environment to provide complete visibility

Ultimately, enterprises need to adopt a security solution that incorporates the data, control, and coverage needed for the distributed workforce while supporting current security workflows.

It is time to maintain visibility and secure all of the endpoints connected to enterprise systems, not just the 40% comprised of laptops, desktop computers, and servers. Stick with us throughout the month for more on why mobile security is critical to an enterprise’s overall security posture.

Interested in learning more? Check out some of our recent and popular coverage of mobile threat research and mobile security trends:

About Zimperium

Zimperium, the global leader in mobile security, offers the only real-time, on-device, machine learning-based protection against Android, iOS, and Chromebook threats. Powered by z9, Zimperium provides protection against device, network, phishing, and malicious app attacks. For more information or to schedule a demo, contact us today.

Get started with your Zimperium trial today

Qualified organizations will try zIPS, Zimperium's mobile threat defense solution, for free and receive recommendations on how to immediately remediate issues and alleviate risks. This includes 3 steps:

[gravityform id="2" ajax="true"]