Personal devices are a major threat to mobile IT environments
A new survey finds that 58 percent of respondents believe access to their network from non-corporate and personally owned devices such as laptops, desktops or mobile phones is the highest risk in managing remote users.
The study from trusted access specialist Duo Security shows that while the trend to remote working has created unmatched flexibility and helped organizations attract top talent globally, it has also introduced a major predicament for IT and security teams.
From Duo's findings, 75 percent of respondents report that their users now connect remotely to work applications at least 25 percent of the time. In addition nearly half see the biggest risk as third parties, like contractors, coming in to the organization.
"Enterprise mobility is one of the biggest IT security challenges and personal devices are a massive blind spot," says Richard Archdeacon, advisory CISO at Duo Security. "If you don't know what's connecting to the network, how can you protect data from being compromised? What’s clear from this survey is that decision makers still don't feel comfortable with the sea of devices entering the workplace."
The survey also finds that phishing attacks remain a major source of security breaches. Phishing resulted in more than twice as many breaches as malware (48 percent compared to 22 percent). It also resulted in more breaches than malware and unpatched systems combined (48 percent compared to 41 percent).
"We have remote working, we have people in out of control environments where accounts can be compromised," says Archdeacon. "CISOs need to adopt a zero trust approach with a triad of different factors, you need to look at the user, at the device and at what they are going to be accessing."
You can read more about the report's findings on the Duo blog.