Industry Trends

IDC BYOD Survey Shows Mobile Malware is the Top Concern

By Stefanie Hoffman | July 30, 2012

Just a few years ago, the bring-your-own-device (BYOD) to work trend was just starting to give IT administrators cause for concern.

Flash forward to today: BYOD has not only reached a tipping point, but is accelerating at a dizzying pace. With this momentum comes elevated fears and a torrent of threats, proven by the latest BYOD and mobility figures from research firm IDC in its Mobile Security Survey 2013. None of these statistics should come as a surprise.

Mobile malware is a top concern among the majority (68 percent) of IT-controlled organizations. 

Exposure of sensitive data is also a top concern among BYOD firms. 

Organizations see social media and cloud storage as the greatest threats to mobile app usage.

Three quarters of organizations see personal mobile devices as a risk factor. However, two-thirds say employees understand the risks involved with BYOD. 

To say BYOD is here to stay is major understatement. BYOD trends are accelerating at a rapid clip -- not unsurprising given the exponential rise of mobile device sales. The net-net: Increasingly more organizations are hitting challenges created from BYOD and are relying on network-dedicated security solutions to address them.

According to IDC, nearly two thirds (62.5 percent) of all organizations categorize themselves as BYOD environments, compared to the remaining third (37.5 percent) of organizations that say they are IT-controlled. Nearly half of respondents consider themselves "highly mobile," defined by IDC as organizations with more than 50 percent of their workforce traveling or relying on mobile devices such as smartphones and tablets for communication.

It's a trend gaining traction due to productivity, efficiency and profit gains -- and one that further puts organizations at risk. More than a third of organizations surveyed (36.5 percent) say they have experienced a breach or data loss in which a mobile device was a factor.

Broken down, the majority of security incidents occur in the largest enterprises. Of the 37 percent of organizations that experienced a breach, fewer than 30 percent affected SMBs, while around a third of mid-size organizations cited a breach. Those hardest hit were large enterprises with more than 10,000 employees, representing 49 percent of breached organizations.

To protect themselves, organizations relied on what they knew: standard security solutions as opposed to mobility-focused tools. Security functions in wireless infrastructure -- at 54 percent -- won the day as the most commonly deployed antidote to mobile security challenges. The reason is likely the ability and flexibility to apply security controls at the users' discretion, which include functions such as access control lists, passwords and guest/quarantine WLANs.

Security gateway solutions came in at second place, adopted in a little more than 50 percent of firms to address mobile security dilemmas. Reasons are similar: Users can leverage an array of network features that include firewall, UTM and VPN technologies to nab security threats delivered across the entirety of the network. Those solutions were followed by dedicated mobile device management solutions and outsourced managed and professional services, respectively.

Network oriented security solutions were most popular among IT-controlled organizations, likely because they have a dedicated staff on hand for management and monitoring. This could change as organizations increasingly rely on channel partners to fulfill network management and support.

If IDC's research is any indication, the network and its related solutions will be integral to mobile security.

BYOD isn't going away. As more organizations implement mobility infrastructure, they're going to be tapped to find comprehensive and relevant solutions that can take on an anticipated groundswell of new threats delivered via mobile vectors. And network security is likely one of the first places they'll turn.

Join the Discussion