Organizations need to become better at improving mobile device security, a leading security consultancy says.
Symantec's annual State of Security Survey said that improving the security of mobile devices and other network endpoints was a crucial step in the continued fight against devastating cyber attacks.
The recommendation came as Symantec's survey of 3,300 companies in 36 countries revealed that cybersecurity is organizations' top security concern - ahead of natural disaster and financial loss.
Symantec's survey revealed that although 71 per cent of organisations reported fewer cyber attacks against their systems and networks than a year ago - reflecting the growing investment in staff and systems to improve security - no fewer than 41 per cent said that it was a more important issue than 12 months ago.
A key reason for this, Symantec said, was the growth of mobile devices such as smartphones and tablet devices connected to organizations' networks. the company said 47 per cent of the companies surveyed believed mobile device security "was affecting the difficulty of providing cybersecurity". Social media (46 per cent) and the "consumerization of IT" (45 per cent) were other worries.
Symantec said the concerns over mobile device security reflect the fact that it needs to be improved. The company said improving network security to protect mobile devices should be a key consideration for organizations It departments -
"Proactively encrypting endpoints will...help organizations minimize the consequences" of being open to a cyber attack, said the company. "Businesses need to protect information proactively by taking an information-centric approach to protect both information and interactions," said the company. Taking a content-aware approach to protecting information is key in identifying and classifying confidential, sensitive information, knowing where it resides, who has access to it, and how it is coming in or leaving your organization."
It added: "To help control access, IT administrators need to validate and protect the identities of users, sites and devices throughout their organizations. Furthermore, they need to provide trusted connections and authenticate transactions where appropriate. Organizations need to manage systems by implementing secure operating environments, distributing and enforcing patch levels, automating processes to streamline efficiency, and monitoring and reporting on system status."
Image courtesy WikiKiwi/Wikimedia Commons.
Further resources:
IT Security