More than 70 percent of organisations have at least 25 per cent of their employees accessing enterprise business applications and documents from a mobile device. At the same time, one in four organisations in Australia have at least half their workforce accessing content from the internet instead of through a secure Virtual Private Network (VPN). This is despite the fact that 84 percent of organisations have previously deployed a VPN for remote access for the specific requirements for network and business application access.
That’s according to a survey of chief security officers staged at last month’s AusCERT conference by Zscaler, the industry’s first Security as a Service platform. The Zscaler survey of 100 chief security officers found that access to a VPN was a cause for concern among more than one in three respondents (36 percent) as this also provided employees with unfettered access to the entire corporate network.
Scott Robertson, Vice President Asia Pacific and Japan, Zscaler, said, “The world of IT security has undergone tremendous transformation, sparked by the consumerisation of the enterprise, the adoption of cloud computing, the ubiquity of mobile devices and the evolution of threats, which are more serious today than they have ever been before.
“Indeed, mobile devices, and the advantages they offer, have changed the way business is conducted. However, smartphones and tablets have also have wrought a new class of security threats and attack vectors. The varied mobile platforms and devices, along with the exponential growth of mobile apps can quickly become a security and compliance nightmare for enterprises to manage.”
The survey also revealed that:
- One-third of respondents had seen the number of mobile device users across their organisation increase by between 25-50 percent over the last 12 months.
- 60 percent of mobile device users are using their mobile device to access business applications more than 25 percent of the time.
- 54 percent of chief security officers have up to 25 percent of business applications in the cloud
- 20 percent of chief security officers have between 25 and 50 per cent of applications in the cloud.
In the next 12 months, more than one in four companies (28 percent) will have more than half of their applications in the cloud.
“This survey data suggests that in today’s enterprise everywhere business, users can instantly download unvetted apps from the cloud, opening them up to a variety of brand new threat vectors. The issue puts IT in the awkward position of balancing personal privacy with corporate security across platforms that you not only don’t own, but may not even be aware of. To make matters worse, these platforms change constantly, opening vulnerabilities that you may be completely unaware of. Every time mobile devices connect to the Internet, they may be exfiltrating data, connecting to a botnet, or downloading malware from the cloud along with what they think they are getting.
“While no one seriously thinks we can turn back the clock on mobile device and mobile app usage, new and more effective security measures are required. Security industry offerings that tried to graft existing PC era security technology onto mobile devices as well as mobile device management (MDM) solutions have proven inadequate to properly secure mobile devices and the networks they are accessing. True mobile security requires the ability to understand and classify mobile applications through traffic patterns, identify threats in real time and enable quick corrective action.
“Today’s modern cloud security platforms enables businesses to embrace these innovations securely, while delivering a superior user experience,” said Robertson.
About Zscaler
Zscaler is revolutionising Internet security with the industry’s first Security as a Service platform. As the most innovative firm in the $35 billion security market, Zscaler is used by more than 5,000 leading organisations, including 50 of the Fortune 500. Zscaler ensures that more than 15 million users worldwide are protected against cyber attacks and data breaches while staying fully compliant with corporate and regulatory policies.
Zscaler is a Gartner Magic Quadrant leader for Secure Web Gateways and delivers a safe and productive Internet experience for every user, from any device and from any location — 100% in the cloud. With its multi-tenant, distributed cloud security platform, Zscaler effectively moves security into the internet backbone, operating in more than 100 data centres around the world and enabling organisations to fully leverage the promise of cloud and mobile computing with unparalleled and uncompromising protection and performance. Zscaler delivers unified, carrier-grade internet security, next generation firewall, web security, sandboxing/advanced persistent threat (APT) protection, data loss prevention, SSL inspection, traffic shaping, policy management and threat intelligence—all without the need for on-premise hardware, appliances or software. To learn more, visit us at www.zscaler.com