Mobile devices, virtualisation seen as biggest security challenges: Ponemon survey

State of Endpoint study finds IT operations and IT security often fail to work as a team

Increased use of mobile devices, especially smartphones, in addition to the transition to virtualization, are key factors weighing on enterprises trying to sort out security strategy and budgets, according to a survey of 688 information and security managers.

Do smaller businesses think they're immune to security threats?

According to the Ponemon Institute's "State of the Endpoint" study released this week, there are serious signs that IT operations and IT security often fail to work as a team. Forty percent say collaboration is "poor or non-existent" and 48% call it "adequate, but can be improved." Virtualization, mainly VMware and Microsoft Hyper-V, are increasingly the software platforms their organizations support, and 55% say virtualization does require "additional security measures," with most turning for help with that to the virtualization vendor or vendors with specialized virtualization security components.

But a surprising 41% indicated responsibility for virtualization security isn't clearly defined by department or function. Additionally, 21% said IT security was responsible, 15% said IT operations was and 11% said it was the job for IT compliance.

Mobile devices — especially the use of employee-owned devices for work purposes — are also putting new stress on the IT department, according to the survey, which was sponsored by Lumension. The survey shows that mobile devices, especially smartphones, are counted as among "the greatest rise of potential IT security risk."

Use of personal mobile devices for work appears to be growing rapidly. Seventeen percent of the survey's respondents said more than 75% of the organization's employees use their personal devices in the workplace; 20% said more than half did.

Roughly half allow some level of connectivity to the corporate network and indicated they "secure them in a manner similar to that already in place for corporate devices;" 12% claimed security standards were even stricter. Twenty-one percent said they allow no such use, while a similar number said they are planning to allow it.

A quarter of the survey's respondents said they use mobile-device management (MDM) of some kind today and 45% indicated that use would increase in the next 12 months. And whereas only 9% in 2010 cited mobile devices such as smartphones as an area of the greatest risk to the enterprise, this year 48% did.

Microsoft operating systems and applications — still predominant in corporate use — are seen as most vulnerable to overall IT risks, though slightly less than 2010 when the question was also asked. There is also deep concern about possible vulnerabilities in third-party applications. And there's growing nervousness about the Apple Mac operating system, with 25% listing it in their top-three greatest concerns. That's up from 15% last year who said they were worried about the Mac and malware.

In addition, 41% of IT managers are now "very concerned" about Mac malware infections, and another 44% are "increasingly concerned."

Malware in general continues to be the plague disrupting IT security, according to the survey. About a third cited a "major increase" in all types of malware incidents over last year, and 22% claimed there was a "slight increase." The vast majority of the organizations in the survey use anti-virus software, according to the survey and found it useful, though 21% dissed antivirus/anti-malware as "not effective at all."

But according to the survey, 43% said there were more than 50 "malware attempts or incidents" that their IT organizations had to deal with monthly. That was up from 27% that said that last year. Thirty-two percent said IT coped with between 26 to 50 monthly malware attempts and incidents, 13% said 11 to 25, and only 12% cited less than that.

About 90% cited "web-borne malware attacks" as a source, with "zero-day attacks" the incident that was "the biggest headache." Thirty-six percent believe their organization have been subject to "targeted attacks" aimed specifically at them for purpose of infiltrating the organization.

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags Configuration / maintenanceNetworkingsecurityMicrosoftwirelesshardware systemsPonemon InstituteData CenterVMwaremobile-device management; security; Ponemon; endpoint; Mac;virtualization

More about AppleLANLumensionMicrosoftVMware Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ellen Messmer

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place