Nearly 40 per cent of large companies, including many in the Fortune 500, aren’t taking the right precautions to secure the mobile apps they build for customers.
That’s the verdict of an IBM Security sponsored study, with the Ponemon Institute, which found organisations are poorly protecting their corporate and BYOD mobile devices against cyber-attacks – opening the door for hackers to easily access user, corporate and customer data.
According to the tech giant, the number of mobile cyber-security attacks is continuing to grow and at any given time, malicious code is infecting more than 11.6 million mobile devices.
The Ponemon Institute and IBM Security study, which researched security practices in over 400 large organisations, found that the average company tests less than half of the mobile apps they build.
Also, 33 per cent of companies never test their apps - creating a plethora of entry points to tap into business data via unsecured devices.
While these numbers may seem shocking, they aren’t surprising when considering that a full 50 percent of these organisations were found to devote zero budget whatsoever towards mobile security.
“Building security into mobile apps is not top of mind for companies, giving hackers the opportunity to easily reverse engineer apps, jailbreak mobile devices and tap into confidential data,” says Caleb Barlow, Vice President of Mobile Management and Security, IBM.
“Industries need to think about security at the same level on which highly efficient, collaborative cyber criminals are planning attacks.
To help companies adopt smart mobile strategies, we've tapped the deep security expertise of IBM Security Trusteer, bringing what we've learned from protecting the most sensitive data of complex organisations - such as top global banks - and applying it to mobile.”
Barlow says hackers are now taking advantage of the popularity of insecure mobile apps, public Wi-Fi networks, and more to break into the highly valuable data often housed on BYOD and corporate mobile devices.
Further, they’re also tapping mobile devices as an entry portal into an organisation’s broader, highly confidential internal network.
Alarming state of mobile insecurity
The new study also found major security flaws in the ways which most organisations build and deploy mobile apps for their customers.
The organisations studied, operate in industries which work with highly sensitive data, including financial services, health and pharmaceutical, the public sector, entertainment and retail.