Report: Enterprises ignoring crucial mobile OS updates
Enterprises and organizations are sticking to the status quo for mobile security despite devices becoming increasingly attractive targets, according to a new report from California-based MobileIron.
The company found in its latest security report that despite mobile operating system giants, like Apple and Google, pushing multiple security updates, enterprises haven’t kept up. The report found that only 8 percent of organizations have forced updates to the latest OS. MobileIron’s government respondents only scored a tick better, with 9 percent enforcing OS updates.
James Plouffe, a solutions architect with MobileIron, told FedScoop that despite the “basic hygiene” updating mobile operating system’s security, he is seeing a lack of effort on the part of enterprises.
“When we look at folks that are taking proactive steps, it’s less than 5 percent of enterprises that have deployed some sort of solution,” Plouffe said. “Even though malware continues to make a lot of news and get in the headlines, we’re not seeing folks who are looking at ways to mitigate that.”
The report also measured the rise in blacklisted apps, with a number of common cloud storage providers making the report’s top-10 list.
Among the new entries into the top-10 most blacklisted apps are popular note archival app Evernote and messaging app Line.
Plouffe attributes Evernote’s rise on the list due to the similarities in cloud storage apps, which present the chance for data leakage. With Line, he says, enterprise IT shops are essentially playing whack-a-mole with messaging apps to prevent backchannel communications.
Instead of resorting to blocking apps as they rise in popularity, Plouffe recommended organizations move toward blocking app behaviors.
“The real issue is these type of apps crop up all the time,” he said. “What we really need to start doing is less of blacklisting a single standalone app, or looking at app behaviors or creating a profile of app behaviors we don’t like.”
Read the full report on MobileIron’s website.
Contact the reporter on this story via email at greg.otto@fedscoop.com, or follow him on Twitter at @gregotto. His OTR and PGP info can be found here. Subscribe to the Daily Scoop for stories like this in your inbox every morning by signing up here: fdscp.com/sign-me-on.