CTIA Super Mobility 2015 – Understanding Mobility and Risk

Author: No Comments Share:

CTIA Mobility Survey – Understanding Mobility & Risk

Earlier this month, Bromium attended the CTIA Super Mobility 2015 conference, as part of the Microsoft Startup Alley. The conference, which focuses on full mobile immersion, was a departure from the typical security conferences that Bromium attends. As a result, Bromium took the opportunity to connect with some of the biggest users and proponents of mobile technology to better understand their mobile usage patterns as it applies to security and risk. What we found should come as no surprise since the majority of attendees were not focused on security. For example, mobile users connect to public networks even though they are aware of the risk. Read on for the full findings.

Question #1: How do you define mobility?

  • Mobile devices
  • Mobile/remote users
  • Both mobile devices and mobile/remote users

CTIA 1

The intention of asking this question was to determine how mobile users define mobility. Certainly, there is some confusion about the term since the concept of mobile security tends to focus primarily on mobile devices, such as mobile device management. However, mobile security is much more than just mobile devices, as mobile and remote workers should also be considered under the umbrella of “mobility.” Ultimately, the survey reveals that mobility should be defined as both mobile devices and mobile users, suggesting that mobile security should do more to focus on mobile users.

Question #2: Do you ever access your corporate network, corporate files or corporate email account from your personal devices?

  • Yes
  • No

CTIA 2

Question #3: Do you ever access your corporate network, corporate files or corporate email account from a public network?

  • Yes
  • No

CTIA 3

Questions #2 and #3 unveiled mobile usage patterns, both related to mobile devices and mobile users. Virtually every mobile user has accessed corporate assets from their mobile device, in part because of a mobile addiction that has us checking our smart phones more than 100 times per day. The access of corporate assets from mobile devices should be viewed as a relatively minor security concern since mobile devices have yet to experience any major security breaches, outside of the occasional issue with malicious apps finding their way into app stores.

More concerning for information security professionals is that nearly two-thirds of mobile users will access corporate assets from public networks (a concern that will be underscored by the responses to the next question). There are significant risks to connecting to public networks, including compromised networks, man-in-the-middle attacks, sniffing and snooping, or malicious rogue networks; each with the ultimate goal of intercepting your traffic or infecting your machine. Information security professionals need to be aware that the overwhelming majority of end users are connecting to corporate assets from unsecured public networks, so they can take the appropriate precautions.

Question #4: Which precautions do you take when connecting to public networks? (select all that apply)

  • Connect via VPN
  • Avoid entering sensitive information (bank accounts numbers/passwords/etc.)
  • Browse using SSL/encrypt traffic
  • Avoid connecting to public networks
  • No precautions

CTIA 4

Speaking of appropriate precautions, 14 percent of mobile users take no precautions when connecting to public networks; a finding that should be at least a minor concern to information security professionals since the vast majority of mobile users connecting to public networks are accessing corporate assets. On the bright side, a quarter of mobile users claim to avoid connecting to public networks (of course it is entirely possible they may still connect to public networks; they just claim to avoid them). It is also encouraging that more than a third of mobile users connect via VPN, which can greatly bolster security. Ultimately, a large number of mobile users are connecting to public networks with no precautions or in a grey area of security.

Question #5: Which of the following public networks have you accessed from a corporate laptop? (select all that apply)

  • Coffee shop/restaurant
  • Airport
  • Hotel/convention center
  • Transportation (airplane/subway/bus)
  • Municipal WiFi/government building (library/courthouse/etc.)

CTIA 5

Question #6: Rank in order the security risk for each of the following public networks (1= low risk; 5=high risk)

  • Coffee shop/restaurant
  • Airport
  • Hotel/convention center
  • Transportation (airplane/subway/bus)
  • Municipal WiFi/government building (library/courthouse/etc.)

CTIA 6

It is interesting to review the results of these questions in tandem because they reveal that even though mobile users recognize the risk of connecting to public networks in coffee shops, airports and hotels, the majority of mobile users will connect to them anyway.

Coffee shops, airports and hotels/convention centers are quite clearly considered the most risky public networks, while transportation and municipal WiFi/government buildings are considered less risky.

Simultaneously, 85 percent of mobile users have connected to a public network from a corporate laptop at a hotel or convention center. This should be quite concerning for information security teams in light of attacks like DarkHotel. Likewise, nearly two-thirds of mobile users have connected their corporate laptops to public networks in coffee shops/restaurants and airports.

It just goes to show you that when it comes to end users, security is an afterthought. Even though these mobile users realize the security risk of connecting to these public networks, they still connect to them in droves. It is unrealistic to expect to be able to change end user behavior, so instead information security professionals must take proactive measures to protect their users.

One example of proactive protection is Bromium vSentry, which isolates threats to prevent data breaches by utilizing micro-virtualization. Micro-virtualization prevents unknown and untrusted Internet content (Web sites and emails) from ever accessing critical system files. Bromium captures each threat in its own micro-VM, monitoring its activity and alerting security teams with real-time threat intelligence. Bromium threat isolation succeeds where signature-based solutions fail because it provides proactive protection instead of reactive detection.

Previous Article

Infographic: State of Endpoint Security

Next Article

An interesting detail about Control Flow Guard

You may also like