It’s important to start with getting the basics right—creating an acceptable use policy, using strong passwords, encrypting devices, training employees and securing cloud-based systems. But security isn’t just about keeping attackers out and telling employees what they can't do. It’s about empowering your people to do more, to innovate and to do their best work.
Get the basics right.
Failing on basic security?
Many organizations still aren’t doing enough to protect their mobile devices. Less than half (46%) said that they change all default/vendor-supplied passwords, and only 51% said they encrypt sensitive data when it’s sent over public networks. Yet these are two of the most fundamental security precautions—along with regular security testing and restricting access to data on a “need to know” basis. Only 13% of companies had all four of these basic precautions in place. This isn’t a one-off; it was 14% in our first report and 12% in last year’s edition.
Worried about phishing?
Year after year, we see companies get hit by phishing attacks. Yet less than half of organizations (49%) in our survey said that they give their employees ongoing training on IT security. Having email protection in place is important, but it’s not enough on its own. As we’ve mentioned, hackers are constantly innovating and finding ways to slip through these filters.
You can greatly improve your defenses by providing employees with ongoing training:
- Teach them how to recognize and report phishing, whether it comes via email, calls, apps or SMS
- Test their knowledge regularly
- Run mandatory retraining for those who score badly
Letting malware through?
Official app stores are constantly working to improve their scanning techniques and implementing more robust security filters, making them safer. However, many companies are letting employees roam the web and install whatever apps they choose, without such safeguards.
Despite the risks associated with malware and third-party apps, only 54% of organizations said that they restrict which apps their employees can install on mobile devices. And only 61% of organizations said they had a mobile device management (MDM), enterprise mobility management (EMM) or unified endpoint management (UEM) solution in place.
Ready to see how your mobile security stacks up to other organizations? This assessment tool can provide some powerful insights
- 2020 MSI
- The state of mobile security
- The mobile threat landscape
- Improving mobile security
- 5G and IoT
- Insights by sector
Across the board, criminal capabilities are outpacing most public and private spending in cybersecurity, as criminal profits are being reinvested into the development of new capabilities and an illicit black market for cyber tools and services.
—U.S. Secret Service41
Forty-five percent of organizations said that their defenses are falling behind attackers’ capabilities.
41 Michael D’Ambrosio, Assistant Director for Investigations, U.S. Secret Service, 2019
42 Data supplied by NetMotion, 2019
Services and/or features are not available in all countries/locations, and may be procured from in-country providers in select countries. We continue to expand our service availability around the world. Please consult your Verizon representative for service availability. Contact us.