According to a study from Enterprise Mobility Exchange, 45% of enterprises fear data leakage. Despite this, the majority of respondents said that there was no mandate for using a VPN.
Data leakage is the top security threat
The study titled "Greatest Mobile Security Threats in the Enterprise" outlined the greatest threats facing companies today. According to the research, data leakage was the top concern for organisations. “Mobile apps are often the cause of unintentional data leakage because the majority of mobile users don't check the permissions they are granting,” Dr. Rebecca Wynn, Head of Information Security for Matrix Medical Network stated. Regardless of these concerns, however, 66% of enterprises allow their mobile workforce to operate a work device without a VPN. Although is no obligation to use a VPN for corporate-owned devices, many companies use VPNs to ensure a secure connection for remote workers. By not requiring employees to use a VPN, enterprises are more vulnerable to security risks. Nevertheless, 47% of enterprises said that vulnerabilities occurred less than 5% of the time.
Severe data leaks in 2018
Back in September, Amazon investigated its staff suspected of data leaks. According to allegations in the Wall Street Journal, employees offered internal data to help merchants increase their sales on the online marketplace. Google also suffered from severe data leaks earlier this year, prompting the company to shut down Google+. The Wall Street Journal exposed the story again, stating that a bug in Google's software had exposed the private data of up to 500,000 users. In the UK, Facebook received the maximum fine from the country's data protection watchdog following the disruptive Cambridge Analytica scandal. Meanwhile, the Brexit campaign group Leave.EU was also fined over "serious data breaches."
Interested in data? Listen to our podcast with the former CDO of Lloyds Banking Group Roberto Maranca on data governance in the enterprise or read Principal at Opera Solutions Danny Flamberg's take on third party data