The results show that mobile security costs UK SMEs over £66 billion per year – an average of £13,823 per company. They reveal that SMEs dedicate, on average, six hours per week to managing and monitoring mobile devices – which equates to 17% of an IT manager’s working hours. Responding reactively to mobile security threats was found to cost SMEs more time and money than those that proactively mitigated the threat; on average over £3,000 more per year, and two additional IT support working hours per week.
The study also highlighted that most companies (52%) claim that their corporate network has already been compromised by an unsecure personal device with the leading cause of breaches attributed to phishing and malware infected sites (as reported by 71% of respondents). Critically, they have little insight into what devices are connecting to their network with 70% claiming they have an issue identifying rogue devices.
Key findings include:
Financial and Labour Costs
•Mobile security costs UK SMEs over £66 billion per year. This includes unplanned mobile security breaches, such as compromised credentials and stolen phones, which cost SMEs £36 billion per year – an average of £7,479 per company – and mobile security solutions which cost a further £30 billion per year – an average of £6,344 per company.
•SMEs that respond reactively to a threat spend a third more than those who act before a threat occurs, an average of £9,095 as opposed to £6,017.
•UK SMEs dedicate an average of six hours per week to managing and monitoring mobile devices – constituting 29 million working hours per week in total.
Threats
•The majority of SMEs (52%) claim their corporate network has been compromised by an unsecure personal device.
•69% agree that mobile devices pose the biggest risk to network security.
•The main perceived danger is compromised corporate information (85%) followed by decreased productivity (70%) and increased malware infections (67%).
Causes
•The leading causes of mobile security breaches are phishing and malware infected sites (71%), followed by the use of simple passwords (70%), lost handsets (63%) and unsecure Wi-Fi networks (61%).
•The key challenges associated with effectively managing and securing mobile devices were the inability to rapidly identify, quantify, and mitigate threats (76%), visibility of rogue devices in the network (70%), outdated/unpatched software (63%), and visibility of corporate devices in the network (57%).
“The fact that UK SMEs are spending £66 billion on mobile security yet still have difficulty knowing what devices are accessing their network is a serious concern - especially as the number of mobile devices is increasing exponentially. Failure to provide adequate security not only results in loss of reputation and revenue through lost business, but also has growing legal ramifications,” said Joel Dolisy, CTO and CIO, SolarWinds. “In our experience, SMEs tells us they’re keen to proactively address growing mobile security threats but don’t have the resources to fully control network access. Put simply, they need a straightforward solution to regain control of their network.”