- Survey reveals only 35% of respondents are confident data protected from mobile threat
- Two-thirds say mobile is the weakest link in data security
- Widespread fear of reputational, financial damage
WATERLOO, ONTARIO--(Marketwired - November 13, 2014) - A global study released today revealed a significant gap between what enterprises understand is putting them at risk with their mobile deployment and how actively they are taking steps to combat those risks, according to BlackBerry Limited (NASDAQ: BBRY
), a global leader in mobile communications.
The gap in understanding how inadequately managed mobile devices in the workplace can contribute risk - yet not taking action to mitigate that risk is evident, as 66 percent of those surveyed acknowledge they find it difficult to keep up with current and emerging mobile threats, while 70 percent of the same respondents say they know they are more tolerant of risk than they should be with their enterprise mobility. This increases to 76 percent in BYOD environments.
For organizations with governance, risk and compliance (GRC) demands, this gap leaves them vulnerable to attacks or industry regulation breaches that put them at financial and reputational risk. The survey found that only 35 percent of executives, risk compliance officers and IT managers within large organizations are very confident that their organization's data assets are fully protected from unauthorized access via mobile devices. In fact, more than two-thirds believe that mobile devices are the weakest link in their enterprise security framework.
Respondents indicated that they have been too lax in assessing and guarding against risks such as lost or stolen devices, unapproved apps and cloud services, as well as inadequate separation of work and personal use of devices. Consequences in mishandling these issues could lead to immeasurable reputational damage, significant financial penalties and loss of revenue through the loss of trade secrets, or misappropriated customer data. These threats are so critical that 75 percent of those surveyed believe that their organization's GRC groups should be more involved in developing enterprise mobility strategy.
"Deloitte's clients face a wide range of complex issues when assessing the adoption of new technology. From Deloitte's own research, we know that Digital Risk and in particular mobile technologies are of growing concern," said Kieran Norton, Principal, Security & Privacy, Deloitte & Touche LLP. "As the technical capabilities of connected devices increase exponentially, so do the threats to devices, data and infrastructure as well as wider risks around issues such as regulatory compliance and operational support. While clients recognize the potential upside of mobile driven innovation, at this time we still see many companies grappling with the implications of mobile technologies and finding the 'sweet spot' where new business opportunities are exploited while managing risk and balancing the tradeoff between control and user experience."
"It's startlingly clear that mobile technology has transformed daily business faster than most businesses have been able to adapt," said John Sims, President of Global Enterprise Services, BlackBerry. "Leaders at all levels of organizations around the world are realizing the very real gaps that exist in their technology infrastructure - and the potentially devastating consequences of a breach. As workforces become ever more mobile, BlackBerry leads the industry in developing solutions that provide flexibility without sacrificing security."
The findings raise serious concerns about the risk exposure faced by enterprises at a time when mobile challenges are growing. Nearly two-thirds of respondents reported the number of data breaches their organization has experienced via mobile devices has increased in the last year, and 66 percent said that it is difficult for their organizations to keep up with emerging mobile trends and security threats.
Additional mobile security trends emerging from survey respondents and their organizations included:
-- Increasing need for Enterprise Mobility Management (EMM). Seventy-six
percent of study participants said the risk of legal liability and
costly lawsuits will increase without concerted efforts to adopt
comprehensive enterprise mobility management strategies.
-- 61 percent say their organization miscalculates or underestimates
risk by focusing on the device rather than the entire mobility
-- The head of internal audit at a professional services company
interviewed for the study said: "Attitudes are changing with regard
to work and where you do it. The danger is that as the behavior
changes and we use more mobile technologies, the controls do not
-- Reconsideration of bring-your-own-device (BYOD) policies. Fifty-seven
percent said that they would consider curtailing policies that allow
employees to use their personal mobile devices at work (BYOD) in favor
of more secure end-to-end solutions such as corporate owned, personally
-- 77 percent reported that it is increasingly difficult to balance the
needs of the business and those of the end user when it comes to
-- A vice president of technology at a financial services firm said:
"As soon as someone is on the news there will be a backlash."
-- Mobility partners must provide secure, future-ready solutions. Sixty-
nine percent said their methods for choosing mobility vendors need to be
updated to reflect the current risk and mobility landscape.
-- 73 percent said they want providers to have security credentials and
certifications when determining how best to implement EMM solutions.
-- 58 percent want their partners to have a clear mobility roadmap and
solutions that adapt to changing technologies.
To learn more about the survey in an accompanying infographic and to download the complete report, "Moving Targets in Risk" visit: www.blackberry.com/risktolerance
. Infographic: www.blackberry.com/select/riskinfographic/
About the Global Survey
The study by Loudhouse Research was commissioned by BlackBerry and conducted in July and August 2014. The survey included 780 individuals in six countries with ultimate governance, risk, compliance (GRC) responsibility in organizations with 1,000 or more employees (500-plus in Australia). Participants represented a cross-section of companies and sectors deploying a variety of mobile operating systems and management protocols.