Many people forget the associated risks that portable digital devices come with. Many may have a false sense of security that computers are the main source of data breaches, but some may be quick to disregard mobile phones as a huge danger for leaking data.
Security researchers note the increased dangers of data leaks as more employees bring their own devices to work. If employees bring their own devices to the workplace, you can count this as an additional avenue for a breach to happen. Mobile devices are easily connected and employees are often allowed to connect mobile devices to their work servers to assist when working in or outside of the office.
You can see it either as another door for a data breach to happen or an opportunity to get inside as the door has been left open or is now weak enough to break in to…
Research from Ponemon found that, on average, a data breach can cost an organisation $7 million (£5.5 million).
Software and mobile solutions company Wandera made further investigations into where security risks and data leaks were coming from. After reviewing 3.9 billion requests from mobile devices of over 500 enterprises, the conclusions were that more than 200 mobile websites and apps were exposing sensitive consumer and company information from around January 2016 to January 2017.
Wandera’s findings, available in the 2017 Mobile Leak Report, identified leaks on devices located in more than 20 countries. The mobile websites and apps ranged from a variety of categories including News & Sports, Business & Industry, Travel, Shopping and Entertainment. The apps and websites leaking personally identifiable information (PII) included well-known and reputable websites and apps like the Royal Mail app.
The report showed that credit card data was more rigorously protected and only accounted for 2.3% of leaked information. Emails, usernames, and passwords accounted for the bulk of the leak. Arguably this is just as concerning as usernames and passwords are, more often than not, sufficient for a cyber-attacker to gain full access to online accounts.
Other findings from the report revealed the following:
- A bulk of the leak included sensitive information such as email/username (90%) and password (86%)
- Of the top 50 adult websites, 80% were found to be leaking PII
- Despite being widely used (30% of data usage) and considered secure, nearly 2% of data leaks originated from social media
The chief executive of Wandera, Eldar Tuvey, noted “mobile is well and truly the frontier for data security. It’s clear that security and compliance risks are far more formidable threats than previously thought. With the reported cost of remedying a mobile breach in the U.S. falling between $250,000 and $400,000 [£197,000 and £314,000] in many cases, enterprises need to take concrete steps to routinely monitor the data that flows to and from each individual device, identify potential security gaps and dynamically respond.”
Sound words of wisdom that many could do well to listen to…
Rather than having blind faith in website and/or app developers, organisations and companies must review and implement their own security measures.