Mobile security
Security Headaches
Malware and hacking are the top areas of concern for 50% and 49% of business executive and technology professional survey respondents, respectively. Other top areas of concern are privacy (45%), data loss/leakage (40%) and social engineering/phishing (38%).
Higher Priority
74% of companies said security is a higher priority today than it was two years ago, and 85% said security will be an even higher priority two years from now. What’s more, 29% of companies said they had a data loss incident in the past year, up from 19% in 2013.
Security Confidence
Companies of all sizes have high satisfaction with their current security level: 57% of small companies, 62% of midsize companies and 57% of large companies are “completely” satisfied with current security Levels.
Change Drivers
However, the biggest reasons respondents cited for changing their security approach include a change in IT operations (47%), reports of security breaches (43%), knowledge gained from training (34%), vulnerability discovered by audit (29%), and internal security breaches or incidents (29%).
Mobile Troubles
Over the past year, businesses have seen employees lose mobile devices (32%), disable security features on mobile devices (31%) and experience mobile malware (30%).
Taking Action
Companies are taking action to increase mobile security by installing tracking/wiping software (45%), requiring a passcode on mobile devices (44%), establishing procedures for lost devices (41%) and requiring encryption on mobile devices (39%).
Biggest Threats
Open WiFi networks are one of the biggest threats to mobile security, according to 52% of respondents at large companies, 50% at midsize companies and 48% at small companies. Other big threats include viruses/malware, unauthorized apps, BYOD practices, USB flash drives, and theft/loss of corporate devices.
Shaping Strategies
The biggest factors complicating security approaches include the growing organization of hackers (54%), greater technology interconnectivity (52%), sophistication of security threats (52%) and greater availability of hacking tools (48%).
New Approaches
Data loss prevention remains one of the most common new tools currently used by 58% of companies, followed by identity and access management (57%), and security information and event management (49%).
The Cloud and Security
Following an initial cloud migration, many companies report a second move due to security-related reasons. Only 26% of respondents said they conducted a “hearing” review of cloud providers, 32% conducted a “moderate” review, and 17% conducted “little/none/don’t know” review.
Policy Challenge
Only half the companies surveyed believe they have a comprehensive security policy, with 18% of small businesses not planning to establish a policy in the next year.
Reasons to Mitigate Risk
34% of businesses feel they have too much risk and must consider tighter security. Their top reasons to mitigate risk include the nature of emerging threats (56%), new business model/offering (56%), and an evaluation highlighted excessive threat (51%).
Channel Readiness
Nearly three out of four channel companies have security as part of their portfolio, with a higher rate among VARs, solution providers and managed service providers. At least one in three channel companies claims to offer security as a service or managed security services.
Channel Offerings
56% of IT channel companies said they offer security embedded in other products and services, and 17% said they offer a stand-alone product/service. The types of security products offered include network security (57%), business continuity/disaster recovery (56%), data protection (51%) and email/Web security (48%).
Lackluster Response
48% of IT channel firms said they experienced no inquiries and take no action as a result of major security breaches. However, 19% of IT channel companies expect to grow significantly, and 44% expect modest growth.