Information security teams are being urged to expand their rapid incident detection and response capabilities to mobile devices that have access to sensitive data.
“In speaking with various organizations, we found that many rely too heavily on their mobile device and mobile application management systems to handle mobile security,” said Michael Finneran, author of the report “Mobile security and incident readiness: preparing for threats.”
“The preventive controls MDM offers are important, yet with the increase in mobile incidents, complicated by the sheer volume and diversity of devices and terabytes of data, security solutions with visibility and capabilities to detect and resolve incidents are in dire need.”
The study, released by AccessData and Gigaom Research, shows that security teams lack the tools and knowledge to detect mobile device security incidents and to proactively investigate and resolve those incidents before major damage is done.
A significant percentage of organizations are taking virtually no steps to ensure that mobile devices (company issued and BYOD) with access to corporate data are indeed secure. A recent InformationWeek survey found 46% required BYOD users to run an MDM client on their mobile devices while 43% trusted users to follow published security guidelines.
Even fewer have procedures in place to launch a meaningful response should a security incident involving mobile devices occur.
Even experienced forensic examiners are challenged in extracting data from mobile devices. Data investigations extend beyond the early days of emails, SMS messages and call logs to analyze hidden or stolen data in applications, volatile data, multi-media and geolocation.