Gigaom Research Reveals Organizations are Unprepared for Security Incidents Involving Mobile Malware and Data Leakage

June 24, 2014

Huge growth of mobile devices, data and BYOD initiatives create demand for integrated mobile security, visibility and incident readiness

LINDON, Utah, June 24, 2014 /PRNewswire/ — AccessData, the leader in incident resolution solutions, and Gigaom Research, today released a report on the growing complexities of mobile security and the limitations of “preventive, policy-driven” solutions that are not designed to detect and respond to mobile security incidents that bypass defenses. The reportMobile security and incident readiness: preparing for threats” advises InfoSec teams to expand their rapid incident detection and response capabilities to mobile devices that have access to sensitive data.

“In speaking with the various organizations, we found that many rely too heavily on their mobile device and mobile application management systems to handle mobile security,” said Michael Finneran, author of the report. “The preventive controls MDM offers are important, yet with the increase in mobile incidents, complicated by the sheer volume and diversity of devices and terabytes of data, security solutions with visibility and capabilities to detect and resolve incidents are in dire need.”

Key findings show that:

    --  Security teams lack the tools and knowledge to detect mobile device
        security incidents and to proactively investigate and resolve those
        incidents before major damage is done.
    --  A significant percentage of organizations are taking virtually no steps
        to ensure that mobile devices (company issued and BYOD) with access to
        corporate data are indeed secure.  A recent InformationWeek survey found
        46 percent required BYOD users to run an MDM client on their mobile
        devices while 43 percent trusted users to follow published security
    --  Even fewer have procedures in place to launch a meaningful response
        should a security incident involving mobile devices occur.
    --  Even experienced forensic examiners are challenged in extracting data
        from mobile devices. Data investigations extend beyond the early days of
        emails, SMS messages and call logs to analyze hidden or stolen data in
        applications, volatile data, multi-media and geolocation.

“Our customers tell us their biggest challenge is the limitations of mobile solutions, from the collection of data on all company devices, to the analysis of mobile data which takes a great deal of time and resources,” said Lee Reiber, VP of mobile forensics at AccessData. “Our advice is for companies to implement security plans and enterprise technologies that incorporate proactive mobile prevention, detection and response, to gain greater visibility and control of their mobile data and devices.”

Key Recommendations

    --  Proactive planning for incident readiness on mobile devices should be
        done as a part of the development of mobile security plans and policies.
    --  Look for advanced security tools with deep mobile device visibility that
        proactively collect and store key information over time which is useful
        for detecting security incidents, understanding the root cause and
        scoping the full extent of what happened.
    --  Integrate mobile device visibility including access to call logs and
        data with the automation of mobile threat identification, analysis and

With the dramatic increase in threats affecting mobile devices such as data leakage, mobile malware, insider threats and hacker compromises, enterprises need to look beyond current MDM/MAM solutions and invest in strengthening their mobile device rapid detection and response capabilities.

Additional Resources

    --  Gigaom Report - "Mobile security and incident readiness: preparing for

About Gigaom Research

Gigaom Research provides timely, in-depth analysis of emerging technologies for individual and corporate subscribers. Our network of 200+ independent analysts provides new content daily that bridges the gap between breaking news and long-range research.

About AccessData

AccessData Group makes the world’s most advanced and intuitive incident resolution solutions. AccessData technology delivers real-time insight, analysis, response and resolution of data incidents, including cyber threats, insider threats, mobile and BYOD risk, GRC (Governance Risk & Compliance) and eDiscovery events. Over 130,000 users in corporations, law enforcement, government agencies, and law firms around the world rely on AccessData software to protect them against the risks present in today’s environment of continuous compromise. http://accessdata.com.

    Media Contacts:

    Judy Kaneko            Merritt Group

    408.769.1673           703.390.1512

    jkaneko@accessdata.com accessdata@merrittgrp.com

SOURCE AccessData

Source: PR Newswire

comments powered by Disqus