Security teams in organisations lack the tools and knowledge to detect mobile device security incidents, which results in an inability to investigate and resolve these incidents.
This is according to a report titled Mobile security and incident readiness: preparing for threats , released by AccessData - incident resolution solutions provider - and Gigaom Research. The report covers the growing complexities of mobile security and the limitations of "preventive, policy-driven" solutions that are not designed to detect and respond to mobile security incidents that bypass defenses.
The report also revealed that a significant percentage of organisations are not taking any steps to ensure that the mobile devices with access to corporate data are indeed secure. In fact, a recent InformationWeek survey found that less than half of organisations (46 percent) required BYOD users to run an MDM client on their mobile devices, while 43 percent simply trusted users to follow published security guidelines.
In addition, even fewer organisations have a mobile security incident response plan in place.
"Speaking with the various organisations, we found that many rely too heavily on their mobile device and mobile application management systems to handle mobile security," said Michael Finneran, author of the report. "The preventive controls MDM offers are important, yet with the increase in mobile incidents, complicated by the sheer volume and diversity of devices and terabytes of data, security solutions with visibility and capabilities to detect and resolve incidents are in dire need."
"Our customers tell us their biggest challenge is the limitations of mobile solutions, from the collection of data on all company devices, to the analysis of mobile data which takes a great deal of time and resources," said Lee Reiber, VP of mobile forensics at AccessData. "Our advice is for companies to implement security plans and enterprise technologies that incorporate proactive mobile prevention, detection and response, to gain greater visibility and control of their mobile data and devices."
Sign up for Computerworld eNewsletters.