As BYOD becomes more widely accepted throughout corporations, information security has taken a huge hit.
Check Point Software Technologies Ltd. published its second mobile security report last week , revealing the majority of businesses (79 percent) had a mobile security incident within the past year.
The costs, according to the report, are substantial, tallying up to over six figures for 42 percent of businesses.
Large businesses were especially hard hit, as more than half (52 percent) of large businesses reported that security incidents on mobile have added up to more than $500,000 in costs in the past year. Small to Medium businesses did not escape unscathed, however. Forty-five percent of companies with fewer than 1,000 employees saw mobile security incidents exceeding $100,000 in the past year.
Android was cited as the platform with "greatest security risk”, according to the report, compared to Apple, Windows Mobile, and Blackberry.
Largely, the issue springs from employees storing sensitive company information on personal devices not managed by the company’s IT teams, the report said. In the survey of 790 IT professionals from North America, Europe, and Asia, 93 percent reported that mobile devices connect to their corporate networks. Of that, 67 percent allow personal devices to connect to corporate networks.
However, 63 percent reported that they do not manage corporate information on personal devices. The vast majority (93 percent) faced challenges creating a BYOD policy as well.
Securing corporate information (67%) and tracking and controlling access to networks (63%) were the largest barriers to BYOD policies, according to the report.
"Without question, the explosion of BYOD, mobile apps, and cloud services, has created a herculean task to protect corporate information for businesses both large and small,” Tomer Teller, security evangelist and researcher at Check Point, said in a statement . "An effective mobile security strategy will focus on protecting corporate information on the multitude of devices and implementing proper secure access controls to information and applications on the go. Equally important is educating employees about best practices as majority of businesses are more concerned with careless employees than cybercriminals.”