In the early 2010s, nearly half of smartphone owners valued the convenience of mobile shopping more than device security. Most smartphone users are even more attached to their devices today than they were years ago. Nevertheless, mobile security concerns have risen. This disquiet owes at least part of its growth to an increase in the number of mobile-related data breaches, such as the 2016 hack that exposed six million Three Mobile customers' personal information. Organizations now face a dilemma. On the one hand, they must strive to keep up with advancing smartphone technology and help cultivate a mobile workforce. On the other hand, they must craft security policies that cover employees' use of mobile devices. To evaluate the challenges of dealing with this trade-off, mobile connectivity provider iPass surveyed 500 CIOs and senior IT decision makers from the United States, the United Kingdom, Germany, and France. The results are presented in the iPass Mobile Security Report 2017. Here are the main findings from iPass's survey.
Concern for Mobile Security
Nearly all (93 percent) of respondents in the Mobile Security Report 2017 told iPass they were "very" or "somewhat" concerned about the mobile security challenges associated with a growing mobile workforce. (47 percent said they were "very" concerned, which is up from 36 percent in 2016.)
iPass 2017 Mobile Security Report page 4 Respondents in the United States were by far the most worried, with 98 percent of this subgroup saying they were "very" or "somewhat" concerned about mobile security. (58 percent of U.S. respondents were "very" concerned.) 89 percent of CIOs and senior IT decision makers from Europe were similarly concerned, and just 32 percent of UK participants were troubled by mobile security challenges.
Concern for C-Level Employees
Nearly half (40 percent) of CIOs and senior IT decision makers told iPass that C-level employees are at the highest risk of getting hacked by digital attackers. The mobile connectivity provider has some thoughts as to why this is the case:
"Contributing factors could include the fact that senior employees have privileged access to highly sensitive and/or valuable corporate data and systems. They also travel regularly for business and tend to be more active across multiple mobile devices."
iPass 2017 Mobile Security Report page 7 German organizations were by far the most concerned about their C-level employees at 49 percent. Companies in France and the United States demonstrated near-equivalent percentages of worry for their C-level employees at 41 percent and 40 percent, respectively. Meanwhile, UK firms exhibited the least amount of concern at just 29 percent.
Concern for Public Wi-Fi Hotspot Security
Those who took part in iPass's survey expressed security concerns about using public Wi-Fi hotspots in a number of locations. Coffee shops appeared in 78 percent of respondents' top three locations; 42 percent of CIOs and senior IT decision makers from all countries listed coffee shops as number one. Respondents also expressed concern for airports and hotels, though less than half included exhibition centers (41 percent) and in-flight hotspots (34 percent) among their top three. When asked what public Wi-Fi hotspot security threats concerned them most, more than two-thirds (69 percent) of respondents said man-in-the-middle (MitM) attacks. Nearly the same number of participants said a lack of encryption (63 percent). Fewer CIOs and senior IT decision makers pointed to hotspot spoofing (58 percent) and employees using unpatched/insecure mobile OS platforms and apps (55 percent).
iPass 2017 Mobile Security Report page 6 In response to those security threats, 68 percent of survey participants currently ban public Wi-Fi hotspots. About a third (31 percent) ban it all the time, whereas a little more than that (37 percent) restrict it sometimes. An additional 14 percent of respondents intend to ban public Wi-Fi hotspots in the future.
Balancing Security with a Mobile Workforce
Organizations might want to ban public Wi-Fi hotspots, but doing so could jeopardize their business goals. iPass elaborates on this possibility:
"Modern organizations know that, security risks aside, they need to ensure that their employees remain connected and productive at all times. With the majority of electronic devices shipped worldwide being Wi-Fi only, blocking connectivity to Wi-Fi hotspots at coffee shops, hotels, airports and in flight could result in a drastic reduction in productivity."
Acknowledging this potential drawback, companies should encourage Wi-Fi connectivity, which may include allowing public Wi-Fi hotspots. But they should also help employees secure their devices against digital threats. On the one hand, they can look to solutions like Virtual Private Networks and mobile anti-virus programs. On the other hand, they should consider conducting phishing training with their employees on approved desktops and mobile devices. For more insights into how organizations are approaching mobile security challenges, please download the iPass Mobile Security Report 2017 here.