The Fourth Annual Verizon Survey revealed that the shift to remote work and increased use of personal mobile devices raised red flags for IT security teams who see those devices as potential gateways for attacks.
During the pandemic, organizations have radically altered their operating models, many pivoting overnight to largely remote work.
This left IT professionals scrambling to get new collaboration and productivity tools working, often on employee-owned personal devices. Many of these are in fact mobile devices, giving the latest Verizon Mobile Security Index a definite Covid context. The survey of 856 professionals who purchase, manage and or secure mobile devices showed a subset of IT staffers under acute pressure to balance the need to support more flexible operations against protecting against new vulnerabilities associated with the work from home (WFH) movement.
Remote work increase to stay – in spite of security issues
Most respondents – 79% – said the number of remote workers increased during the lockdown. While most (70%) do expect that number to decrease, more than three-quarters expect more people to be working from home going forward than in the pre-pandemic days. Some 60% said mobile devices present their organizations with the biggest risk of exposure, while 85% called mobile devices at least as susceptible to a breach as other IT systems.
The Verizon Mobile Security Index revealed aspects of this mobile security effort that were both expected and surprising. The number of reported compromises in the last 12 months actually dropped to 23%, down from 39% in the previous 12 months.
However, there is some concern that breaches are being missed as IT reprioritizes efforts around operational challenges with the move to remote work. A worrying 76% said they have sacrificed mobile security controls to support the rapid swing to a WFH model.
Cyberattacks on the increase
This comes at a time when cyber attackers are exploiting new vulnerabilities exposed during the pandemic to launch attacks. 2020 Check Point research showed that Covid-19 related phishing and other malware attacks shot up from less than 5,000 a week in February of that year to more than 200,000 by the end of April. This trend continued with a 34% jump in all types of cyberattacks by the end of June over the number in April.
The major takeaway is that even as lockdowns ease and enterprises begin to move back to more traditional operating models, the nature of work has been changed to incorporate even more personal devices into corporate functions.
IT organizations need to make mobile security even more of a priority going forward or run the risk of significant impacts on operations and the potential loss of assets and reputational damage.