Skip Links

Mobile devices, virtualization seen as biggest security challenges: Ponemon survey

In addition, dysfunctional IT and security departments don't work as team

By , Network World
November 16, 2011 04:53 PM ET

Network World - Increased use of mobile devices, especially smartphones, in addition to the transition to virtualization, are key factors weighing on enterprises trying to sort out security strategy and budgets, according to a survey of 688 information and security managers.

Do smaller businesses think they're immune to security threats?

According to the Ponemon Institute's "State of the Endpoint" study released this week, there are serious signs that IT operations and IT security often fail to work as a team. Forty percent say collaboration is "poor or non-existent" and 48% call it "adequate, but can be improved." Virtualization, mainly VMware and Microsoft Hyper-V, are increasingly the software platforms their organizations support, and 55% say virtualization does require "additional security measures," with most turning for help with that to the virtualization vendor or vendors with specialized virtualization security components.

But a surprising 41% indicated responsibility for virtualization security isn't clearly defined by department or function. Additionally, 21% said IT security was responsible, 15% said IT operations was and 11% said it was the job for IT compliance.

Mobile devices — especially the use of employee-owned devices for work purposes — are also putting new stress on the IT department, according to the survey, which was sponsored by Lumension. The survey shows that mobile devices, especially smartphones, are counted as among "the greatest rise of potential IT security risk."

Use of personal mobile devices for work appears to be growing rapidly. Seventeen percent of the survey's respondents said more than 75% of the organization's employees use their personal devices in the workplace; 20% said more than half did.

Roughly half allow some level of connectivity to the corporate network and indicated they "secure them in a manner similar to that already in place for corporate devices;" 12% claimed security standards were even stricter. Twenty-one percent said they allow no such use, while a similar number said they are planning to allow it.

A quarter of the survey's respondents said they use mobile-device management (MDM) of some kind today and 45% indicated that use would increase in the next 12 months. And whereas only 9% in 2010 cited mobile devices such as smartphones as an area of the greatest risk to the enterprise, this year 48% did.

Microsoft operating systems and applications — still predominant in corporate use — are seen as most vulnerable to overall IT risks, though slightly less than 2010 when the question was also asked. There is also deep concern about possible vulnerabilities in third-party applications. And there's growing nervousness about the Apple Mac operating system, with 25% listing it in their top-three greatest concerns. That's up from 15% last year who said they were worried about the Mac and malware.

In addition, 41% of IT managers are now "very concerned" about Mac malware infections, and another 44% are "increasingly concerned."

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News