News Feed Item

Gigaom Research Reveals Organizations are Unprepared for Security Incidents Involving Mobile Malware and Data Leakage

Huge growth of mobile devices, data and BYOD initiatives create demand for
integrated mobile security, visibility and incident readiness

Singapore, July 16, 2014 - (ACN Newswire) - AccessData, the leader in incident resolution solutions, and Gigaom Research, recently released a report on the growing complexities of mobile security and the limitations of "preventive, policy-driven" solutions that are not designed to detect and respond to mobile security incidents that bypass defenses. The report "Mobile security and incident readiness: preparing for threats" advises InfoSec teams to expand their rapid incident detection and response capabilities to mobile devices that have access to sensitive data.

"In speaking with the various organizations, we found that many rely too heavily on their mobile device and mobile application management systems to handle mobile security," said Michael Finneran, author of the report. "The preventive controls MDM offers are important, yet with the increase in mobile incidents, complicated by the sheer volume and diversity of devices and terabytes of data, security solutions with visibility and capabilities to detect and resolve incidents are in dire need."

Key findings show that:

- Security teams lack the tools and knowledge to detect mobile device security incidents and to proactively investigate and resolve those incidents before major damage is done.

- A significant percentage of organizations are taking virtually no steps to ensure that mobile devices (company issued and BYOD) with access to corporate data are indeed secure. A recent InformationWeek survey found 46 percent required BYOD users to run an MDM client on their mobile devices while 43 percent trusted users to follow published security guidelines.

- Even fewer have procedures in place to launch a meaningful response should a security incident involving mobile devices occur.

- Even experienced forensic examiners are challenged in extracting data from mobile devices. Data investigations extend beyond the early days of emails, SMS messages and call logs to analyze hidden or stolen data in applications, volatile data, multi-media and geolocation.

"Our customers tell us their biggest challenge is the limitations of mobile solutions, from the collection of data on all company devices, to the analysis of mobile data which takes a great deal of time and resources," said Lee Reiber, VP of mobile forensics at AccessData. "Our advice is for companies to implement security plans and enterprise technologies that incorporate proactive mobile prevention, detection and response, to gain greater visibility and control of their mobile data and devices."

Key Recommendations

- Proactive planning for incident readiness on mobile devices should be done as a part of the development of mobile security plans and policies.

- Look for advanced security tools with deep mobile device visibility that proactively collect and store key information over time which is useful for detecting security incidents, understanding the root cause and scoping the full extent of what happened.

- Integrate mobile device visibility including access to call logs and data with the automation of mobile threat identification, analysis and resolution.
With the dramatic increase in threats affecting mobile devices such as data leakage, mobile malware, insider threats and hacker compromises, enterprises need to look beyond current MDM/MAM solutions and invest in strengthening their mobile device rapid detection and response capabilities.

Additional Resources

Gigaom Report - "Mobile security and incident readiness: preparing for threats" - http://bit.ly/1smRieS

About Gigaom Research

Gigaom Research provides timely, in-depth analysis of emerging technologies for individual and corporate subscribers. Our network of 200+ independent analysts provides new content daily that bridges the gap between breaking news and long-range research. Please visit http://research.gigaom.com.

About AccessData

AccessData Group makes the world's most advanced and intuitive incident resolution solutions. AccessData technology delivers real-time insight, analysis, response and resolution of data incidents, including cyber threats, insider threats, mobile and BYOD risk, GRC (Governance Risk & Compliance) and eDiscovery events. Over 130,000 users in corporations, law enforcement, government agencies, and law firms around the world rely on AccessData software to protect them against the risks present in today's environment of continuous compromise. For more information, please visit http://accessdata.com.

Source: AccessData

Judy Kaneko
[email protected]

Asia Pacific 
EASTWEST PR for AccessData 
[email protected]

Copyright 2014 ACN Newswire. All rights reserved.

More Stories By ACN Newswire

Copyright 2008 ACN Newswire. All rights reserved. Republication or redistribution of ACN Newswire content is expressly prohibited without the prior written consent of ACN Newswire. ACN Newswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
SYS-CON Events announced today that Cloudbric, a leading website security provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Cloudbric is an elite full service website protection solution specifically designed for IT novices, entrepreneurs, and small and medium businesses. First launched in 2015, Cloudbric is based on the enterprise level Web Application Firewall by Penta Security Sys...
WebRTC sits at the intersection between VoIP and the Web. As such, it poses some interesting challenges for those developing services on top of it, but also for those who need to test and monitor these services. In his session at WebRTC Summit, Tsahi Levent-Levi, co-founder of testRTC, reviewed the various challenges posed by WebRTC when it comes to testing and monitoring and on ways to overcome them.
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Rapid innovation, changing business landscapes, and new IT demands force businesses to make changes quickly. In the eyes of many, containers are at the brink of becoming a pervasive technology in enterprise IT to accelerate application delivery. In this presentation, you'll learn about the: The transformation of IT to a DevOps, microservices, and container-based architecture What are containers and how DevOps practices can operate in a container-based environment A demonstration of how Docke...
Enterprises have been using both Big Data and virtualization for years. Until recently, however, most enterprises have not combined the two. Big Data's demands for higher levels of performance, the ability to control quality-of-service (QoS), and the ability to adhere to SLAs have kept it on bare metal, apart from the modern data center cloud. With recent technology innovations, we've seen the advantages of bare metal erode to such a degree that the enhanced flexibility and reduced costs that ...
In his general session at 18th Cloud Expo, Lee Atchison, Principal Cloud Architect and Advocate at New Relic, discussed cloud as a ‘better data center’ and how it adds new capacity (faster) and improves application availability (redundancy). The cloud is a ‘Dynamic Tool for Dynamic Apps’ and resource allocation is an integral part of your application architecture, so use only the resources you need and allocate /de-allocate resources on the fly.
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
Governments around the world are adopting Safe Harbor privacy provisions to protect customer data from leaving sovereign territories. Increasingly, global companies are required to create new instances of their server clusters in multiple countries to keep abreast of these new Safe Harbor laws. Is it worth it? In his session at 19th Cloud Expo, Adam Rogers, Managing Director of Anexia, Inc., will discuss how to keep your data legal and still stay in business.
SYS-CON Events announced today that SoftNet Solutions will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. SoftNet Solutions specializes in Enterprise Solutions for Hadoop and Big Data. It offers customers the most open, robust, and value-conscious portfolio of solutions, services, and tools for the shortest route to success with Big Data. The unique differentiator is the ability to architect and ...
In the 21st century, security on the Internet has become one of the most important issues. We hear more and more about cyber-attacks on the websites of large corporations, banks and even small businesses. When online we’re concerned not only for our own safety but also our privacy. We have to know that hackers usually start their preparation by investigating the private information of admins – the habits, interests, visited websites and so on. On the other hand, our own security is in danger bec...
Successful transition from traditional IT to cloud computing requires three key ingredients: an IT architecture that allows companies to extend their internal best practices to the cloud, a cost point that allows economies of scale, and automated processes that manage risk exposure and maintain regulatory compliance with industry regulations (FFIEC, PCI-DSS, HIPAA, FISMA). The unique combination of VMware, the IBM Cloud, and Cloud Raxak, a 2016 Gartner Cool Vendor in IT Automation, provides a co...
SYS-CON Events announced today that Embotics, the cloud automation company, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Embotics is the cloud automation company for IT organizations and service providers that need to improve provisioning or enable self-service capabilities. With a relentless focus on delivering a premier user experience and unmatched customer support, Embotics is the fas...
SYS-CON Events announced today that MathFreeOn will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. MathFreeOn is Software as a Service (SaaS) used in Engineering and Math education. Write scripts and solve math problems online. MathFreeOn provides online courses for beginners or amateurs who have difficulties in writing scripts. In accordance with various mathematical topics, there are more tha...
SYS-CON Events announced today that Niagara Networks will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Niagara Networks offers the highest port-density systems, and the most complete Next-Generation Network Visibility systems including Network Packet Brokers, Bypass Switches, and Network TAPs.
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.