Feature Story

More feature stories by year:


Return to: 2015 Feature Stories


July 13, 2015: Security

Ensuring Security and Compliance in a BYOD World

When asked to rank several mobile platforms in order of security concerns, Android was consistently mentioned as the top concern. Forty-seven percent of survey-takers placed it first.

Graphic courtesy of CUPP Computing Mobile Security Multinational Decisionmakers Study 2015

IT security is complicated enough. The widespread adoption of BYOD mobile devices and the overall consumerization of IT promise to complicate security efforts exponentially. Are companies up to the challenge?

According to a recent multinational survey commissioned by CUPP Computing and conducted by Decisive Analytics, many companies are not satisfied with the mobile security they have, particularly in the face of a changing security environment. Some have yet to implement a mobile security environment at all.

Among the study's findings:

  • In general, most larger companies reported having a mobile security solution in place, although they had concerns about shortcomings to those products.
  • By contrast, more than a third of smaller companies (less than 100 employees) had no mobile computing security solution at all.
  • Fully 68 percent of mobile security decision makers said better mobile security is needed to prevent or mitigate targeted attacks.
  • Some 66 percent also feel the need to fulfill a compliance requirement – such as HIPAA, EU Data Protection, PCI – with mobile security.
  • Among larger companies, compliance is a key driver to mobile security purchases. Smaller companies didn't see this compliance need.

Among the security concerns expressed by IT professionals, 47 percent ranked Android devices as the top mobile security concern, followed by Windows phones (24 percent), then Apple and Blackberry devices.

In open comments, IT professionals cited cost of deployment and government intrusion as additional security concerns.

The survey indicates that IT managers are already aware that a full suite of features are necessary to protect against these novel attacks.

For example, when asked to rank a variety of mobile security features:

  • 84 percent said enterprise-level products such as anti-malware, Web reputation, firewall IPS/IDS were critical.
  • Some 80 percent also put data protection services such as mobile container, application wrapping and data loss prevention services on the critical list.
  • 79 percent added baseline mobile compliance.

Interestingly, IT security managers acknowledged the importance of mobile security in cloud environments as well.

For instance:

  • 58 percent of decision makers said they want to ensure secure access to corporate data in the cloud
  • 65 percent said want to secure valuable data on employees' mobile devices
  • 59 percent want to protect the device itself from damaging malware.
Security and IT managers rated the current priority of several security-related items in their enterprises, and preventing or mitigating targeted attacks was ranked the most urgent.
Information courtesy of CUPP Computing Mobile Security Multinational Decisionmakers Study 2015
Priority Percent Rating "Very High" or "Urgent"
Achieve and maintain regulatory
Prevent and/or mitigate targeted
Secure mobile access to corporate
applications in the cloud
Prevent corporate data loss
from mobile devices
Deploy mobile anti-malware

The perception that a mobile security problem exists only in the U.S. is also false. The survey included responses from five countries around the world (U.S., Japan, UK, France and Germany) and found an increase in concern over targeted attacks and data breaches worldwide. The only strong point of variance was in compliance: Japanese respondents generally did not express a need for mobile security compliance reporting.

Overall, with the widespread adoption of the BYOD philosophy, mobile devices are becoming an attractive target for intrusion and sophisticated attackers everywhere. Large companies and small businesses alike are looking for the next level of protection for their sensitive corporate and customer data, for their corporate reputations, and to ensure adequate regulatory compliance.

Companies are clearly interested in a hardware-based solution to protect data on site, in the cloud and on mobile devices themselves.

Art Swift is CEO of CUPP Computing, which provides security solutions for mobile systems, such as tablets, smartphones, remote service devices and the Internet of Things (IoT). CUPP Computing is headquartered in Oslo, Norway, and has operations in Netanya, Israel, and Palo Alto, California.

Return to: 2015 Feature Stories