My role at IBM is to focus on the mobile security market. As a result, I consume a steady diet of mobile-related white papers, articles, news reports and other materials on the topic. I see the good, the bad and the ugly of the mobile environment and hear from a wide range of companies regarding how they are deploying and securing mobile.

With all that I see and hear, it’s somewhat easy for me to fall into the fallacy of believing my exposure is consistent with that of others. In late 2015, I decided to test that belief. I sponsored a survey to see if the mobile phenomenon was impacting the masses to the extent that I thought or if it was simply much ado about nothing.

About the Mobile Security Study

My goal for the study was to identify if and how mobile was transforming the enterprise and what companies were doing to secure their mobile initiatives. We had approximately 30 questions that were answered by more than 200 global organizations of various sizes in a number of different industries.

Six months later, the results are in. Key findings of our survey were as follows:

  • Mobile is growing and is present in virtually every organization.
  • Many of the organizations that have embraced mobile are seeing measurable productivity gains.
  • Security has been a bigger issue than anticipated and it is impacting deployment.

The full report and results are available in the “2016 Mobile Security and Business Transformation Study,” but I will share some highlights.

The fact that mobile is growing and present in almost every organization really came as no surprise to us. The survey revealed that 99 percent of companies have employees using mobile in some manner to perform their jobs. Mobile prevalence has created an environment where employees can work from wherever they are and whenever they want, gaining access to the resources they need to perform their jobs.

Enterprises Are Embracing the Benefits of Mobile

In addition, 63 percent of respondents said they support a bring-your-own-device (BYOD) program that allows end users to select their own device and/or OS. This is the type of freedom that leads to happier employees. These steps are likely increasing productivity for these associates, but it is very hard to quantify the real benefits.

While the benefits of associate satisfaction may be hard to quantify, a number of survey respondents said they were seeing measurable gains as a result of their mobile initiatives. Being able to tie hard numbers to any initiative is critical because when you ask for additional funding, it will be a much easier request for management to approve.

So often we execute initiatives and then struggle to measure the results, but in this case, our study respondents indicated they have measurable results they can attribute to their mobile enablement. About 26 percent of companies reported increased revenue, while 23 percent saw cost savings. Companies also reported improved customer service metrics and employee satisfaction as key benefits.

It’s Not All Good News

With the good there is also the not so good or even downright bad. Sixty-three percent of companies indicated that there were a greater number of security risks than expected. When asked what security incidents they had experienced in the last year, 23 percent said they had identified malware on a device and another 23 percent said data loss due to a lost or stolen device.

These concerns and incidents contributed to our respondents indicating that in 2016 they would focus their spending on mobile device management (42 percent) and virus/malware detection tools (45 percent). While it’s great that they’re planning to step up their game in these areas, our data shows that many are already taking these security measures.

Simply doing more of the same is not a good strategy. The focus needs to be much broader and should take into account all threat vectors and how to address them. Mobile security is a broad topic and needs to be addressed holistically.

So what’s the net of all of this? Mobile is growing and so are security threats. If end users are accessing your corporate resources through mobile, you must embrace it and get ahead of threats.

Mobile is here. It’s happening and you need a mobile security strategy. Are you wondering how you measure up to the companies in our survey? Download the full ISMG report and see all the questions and responses as well as our analysis of the results.

Read the ISMG Study to Learn How Mobility Has Changed How Enterprises Conduct & Secure Business

More from Endpoint

Combining EPP and EDR tools can boost your endpoint security

6 min read - Endpoint protection platform (EPP) and endpoint detection and response (EDR) tools are two security products commonly used to protect endpoint systems from threats. EPP is a comprehensive security solution that provides a range of features to detect and prevent threats to endpoint devices. At the same time, EDR is specifically designed to monitor, detect and respond to endpoint threats in real-time. EPP and EDR have some similarities, as they both aim to protect endpoints from threats, but they also have…

The needs of a modernized SOC for hybrid cloud

5 min read - Cybersecurity has made a lot of progress over the last ten years. Improved standards (e.g., MITRE), threat intelligence, processes and technology have significantly helped improve visibility, automate information gathering (SOAR) and many manual tasks. Additionally, new analytics (UEBA/SIEM) and endpoint (EDR) technologies can detect and often stop entire classes of threats. Now we are seeing the emergence of technologies such as attack surface management (ASM), which are starting to help organisations get more proactive and focus their efforts for maximum…

X-Force identifies vulnerability in IoT platform

4 min read - The last decade has seen an explosion of IoT devices across a multitude of industries. With that rise has come the need for centralized systems to perform data collection and device management, commonly called IoT Platforms. One such platform, ThingsBoard, was the recent subject of research by IBM Security X-Force. While there has been a lot of discussion around the security of IoT devices themselves, there is far less conversation around the security of the platforms these devices connect with.…

X-Force prevents zero day from going anywhere

8 min read - This blog was made possible through contributions from Fred Chidsey and Joseph Lozowski. The 2023 X-Force Threat Intelligence Index shows that vulnerability discovery has rapidly increased year-over-year and according to X-Force’s cumulative vulnerability and exploit database, only 3% of vulnerabilities are associated with a zero day. X-Force often observes zero-day exploitation on Internet-facing systems as a vector for initial access however, X-Force has also observed zero-day attacks leveraged by attackers to accomplish their goals and objectives after initial access was…