SMB mobility security percolating to the top as threats increase

Techaisle’s US SMB & Midmarket IT Security Adoption survey finds a mismatch between business confidence in mobility security and actual exposure to threats and mitigation actions and investments. Figure below illustrates respondent perceptions of current mobile security preparedness. In the US, roughly 20% of both small and midsized businesses report that they are “fully prepared and confident” with respect to mobile security, and more than twice as many state that they are “as prepared as can be,” while acknowledging that “requirements will change” in the future. Altogether, nearly two-thirds of small businesses and three-quarters of midmarket firms categorize themselves as being in one of these categories, with only 5% of small businesses and 2% of midmarket respondents reporting that they are “not very well prepared.”

Is it the case that SMBs have taken all necessary steps to safeguard mobile assets and environments? Other evidence from the survey indicates that there is some cause for doubt. Survey data shows that while protection of mobile devices is near-universal (92%) within midmarket firms, and multiple layers of protection (including containers/partitioning, used by 76% of US midmarket organizations, and mobile application management (MAM) and mobile device management (MDM), both used by more than 95% of midmarket respondents), small businesses are far less invested in mobile security: only 27% of small business mobile devices are protected, and overlapping defenses appear to be uncommon in this group.

The far more extensive security measures adopted by midmarket firms may represent a response to recent exposures. Figure below illustrates the extent of known mobility security breaches in small and midmarket businesses. Results are sobering. Overall 64% of US SMBs report mobility security breaches in the last one year. Nearly 40% of small businesses and almost 80% of midmarket firms are aware of at least one mobile security breach occurring within their environments. Techaisle believes that additional firms, especially in the small business community, suffered breaches that were not detected.

The data is starker in Asia/Pacific where 84% of midmarket firms report at least one security breach. Similarly, in UK & Germany, 72% of midmarket firms report mobility security breaches.

Clearly, mobility has an enormous impact on the threat profile of SMBs. Techaisle expects that these firms will continue to invest heavily in solutions to address mobility security, with increases in all areas, but particularly within the small business segment, and particularly with respect to managed services addressing MAM and MDM.