Second Annual BYOD & Mobile Security Study Reveals Exploits Entering Organizations via Mobile Devices is a Top BYOD Security Concern in 2014

The Information Security Community on LinkedIn, an online community of more than 200,000 information security professionals, and Vectra Networks, the leading innovator in real-time detection of in-progress cyber-attacks, today announced the results of the second annual "BYOD & Mobile Security Study" highlighting the state of BYOD and mobile security in 2014.

The study found that nearly half of respondents agreed that users bringing downloaded apps or content with embedded security exploits into their organization, as well as malware infections, are top BYOD security concerns. In addition, 60 percent of respondents said that malware protection is a requirement for mobile security.

The BYOD & Mobile Security Study was independently conducted by the Information Security Community on LinkedIn. This second edition study collected responses from more than 1,100 IT security practitioners to gain a deeper understanding into the practices, usage and security concerns around BYOD.

"Loss of company or client data, followed by unauthorized access to company data and systems are well publicized as security threats around BYOD, and they were respondents' biggest security concerns in our 2014 study," said Holger Schulze, founder of the 200,000+ member Information Security Community on LinkedIn. "But it is very interesting that the study revealed that respondents’ next biggest security concerns were users bringing downloaded apps or content with embedded security exploits into their organization (47 percent), followed by malware infections (45 percent)."

Additional key findings of the study include:

• According to respondents, only 21 percent of their organizations have fully implemented BYOD policies, processes and infrastructure. In addition, 24 percent of respondents' organizations have no mobile device policy. Along these same lines, 21 percent of respondents said that privately owned devices are widely in use in their organizations, but are not supported within their organizations.
• While accessing email, calendar and contacts is the most popular usage for BYOD devices (86 percent), other business apps and data are also being routinely accessed by BYOD devices. Study respondents said document access and editing apps are used 45 percent of the time; Sharepoint and Intranet access happens 41 percent of the time; and apps for file sharing and company-built applications are accessed 34 percent of the time.
• When it comes to sensitive data and intellectual property being accessed over BYOD, respondents were most concerned with protecting business data (74 percent), customer/employee data (69 percent), and documents (66 percent).
• According to respondents, the most popular tool to monitor and manage mobile devices was mobile device management (MDM), in use at 43 percent of respondents’ organizations, followed by endpoint security tools (39 percent), and Network Access Controls (38 percent). Similarly, the most common risk control measures for mobile devices were password protection (67 percent), followed by remote wiping of data (52 percent), and use of encryption (43 percent).

Significant data in the report is that 21 percent of organizations who acknowledge broad use of privately owned devices, for which no support exists within their organizations. Malware threats are already being carried into the organization on these unmanaged privately owned devices.

"BYOD and mobility create a significant security risk that we have observed in production networks," said Mike Banic, Vectra Networks VP of Marketing. "Traditional perimeter security has no way of stopping this malware vector into organizations’ networks, and the Vectra X-Series platform is already meeting this critical need for organizations."

About the LinkedIn Information Security Community

With more than 200,000 members, the Information Security Community on LinkedIn is the largest online network of infosec professionals in the industry. Covered topics include compliance, encryption, anti-virus, malware, cloud security, data protection, hacking, network security, virtualization, and more.

About Vectra Networks

Vectra Networks is the leading innovator in real-time detection of in-progress cyber-attacks. Vectra delivers continuous automated cyber-attack detection and reporting that instantly identifies attacks while they are happening and describes what the attacker is doing. Vectra automatically prioritizes attacks that pose the greatest business risk, enabling organizations to quickly make decisions on where to focus their time and resources. Vectra Networks' investors include Khosla Ventures, IA Ventures and AME Cloud Ventures. The company's headquarters are in San Jose, Calif. More information can be found at www.vectranetworks.com.