Sign up for our newsletter
Technology / Software

5 startling but real mobile security risks

Using your own tablet or smartphone for work makes sense on lots of levels, so it’s no wonder most of us do it.

It’s easy to access emails, quick to browse the web and much more functional than your old-fashioned, work-approved device.

But while most of us are aware of the standard security risks from storing work data on personal devices, ranging from data loss to unsecured networks, there are other less well-known vulnerabilities, and some of them are fairly surprising.

Here CBR takes a look at five startling mobile security risks revealed by research conducted in 2014.

White papers from our partners


Malicious apps

According to research conducted by analyst house Ovum, most employees are more fearful of using their devices than their employers are – and for good reason. Two-thirds of 5,000 respondents cited malicious websites they may visit at work as a reason not to use their devices. Another 57% cited malicious apps as a reason not to use their devices.

Ciaran Bradley, chief product officer at AdaptiveMobile, which carried out the study, said: "Employee concerns over security and privacy are consistent across all operating systems – and with mobility meaning IT departments are confronted with a multitude of platforms to secure, the opportunity for operators is to provide a mobile network level security solution that gives the IT department the control they need."


Work, work, work!

But employers must shoulder some of the blame when things go wrong. Raytheon Cyber Products looked at mobile security and found that bosses are guilty of ignoring plenty of mobile risks in favour of pushing staff to get the job done.

That makes bosses’ work ethic a security risk itself.

Senior director Ashok Sankar said: "This survey points to the fact that there is a struggle to find the right balance between the cyber security needs of an organisation and the efficiencies demanded by employees to do their jobs.

"Mobile devices are becoming a dominant workplace tool, and organizations must adopt a mobile strategy with data security technologies that enable employees to work effectively without putting sensitive information at risk."


Wi-Fi? No thanks

IT departments regularly go to great lengths to ensure their network security is top-notch, giving them insight into all devices connecting to it, as well as peace of mind that nothing will get in to hack those devices.

But according to a study of 827 people by comparison site, 63% would prefer to use 3G or other mobile broadband.


Basic app security

Gartner has found that three-quarters of mobile apps fail the most basic security tests.

Principal research analyst Dionisio Zumerle said: "Enterprises that embrace mobile computing and bring your own device (BYOD) strategies are vulnerable to security breaches unless they adopt methods and technologies for mobile application security testing and risk assurance.

"Most enterprises are inexperienced in mobile application security. Even when application security testing is undertaken, it is often done casually by developers who are mostly concerned with the functionality of applications, not their security."

He warned: "[Employees] should download and use only those applications that have successfully passed security tests conducted by specialized application security testing vendors."


Use a FitBit? Better not…

Fitness devices have turned into a craze this year, with plenty of people wearing FitBits, Jawbones and more around their wrists or upon their person to monitor their health.

However, with the advent of the Apple Watch, security analyst firm Tripwire has warned that connections between such devices and smartphones, on which you can use apps to get the data collected by the device, could be hacked.

Analyst Ken Westin said: "There will be a race to hack the Apple Watch. The device connects to iPhones and other iDevices, so that connection may be a potential attack vector."
This article is from the CBROnline archive: some formatting and images may not be present.