• SIMPLIFY. EXPAND. GROW.

    SIMPLIFY. EXPAND. GROW.

    SMB. CORE MIDMARKET. UPPER MIDMARKET. ECOSYSTEM
    LEARN MORE
  • ARTIFICIAL INTELLIGENCE

    ARTIFICIAL INTELLIGENCE

    SMB & Midmarket Analytics & Artificial Intelligence Adoption
    LEARN MORE
  • IT SECURITY TRENDS

    IT SECURITY TRENDS

    SMB & Midmarket Security Adoption Trends
    LATEST RESEARCH
  • CHANNEL PARTNER RESEARCH

    CHANNEL PARTNER RESEARCH

    Channel Partner Trends
    LATEST RESEARCH
  • FEATURED INFOGRAPHIC

    FEATURED INFOGRAPHIC

    2024 Top 10 SMB Business Issues, IT Priorities, IT Challenges
    LEARN MORE
  • CHANNEL INFOGRAPHIC

    CHANNEL INFOGRAPHIC

    2024 Top 10 Partner Business Challenges
    LATEST RESEARCH
  • 2024 TOP 10 PREDICTIONS

    2024 TOP 10 PREDICTIONS

    SMB & Midmarket Predictions
    READ
  • 2024 TOP 10 PREDICTIONS

    2024 TOP 10 PREDICTIONS

    Channel Partner Predictions
    READ
  • CLOUD ADOPTION TRENDS

    CLOUD ADOPTION TRENDS

    SMB & Midmarket Cloud Adoption
    LATEST RESEARCH
  • FUTURE OF PARTNER ECOSYSTEM

    FUTURE OF PARTNER ECOSYSTEM

    Networked, Engaged, Extended, Hybrid
    DOWNLOAD NOW
  • BUYERS JOURNEY

    BUYERS JOURNEY

    Influence map & care-abouts
    LEARN MORE
  • DIGITAL TRANSFORMATION

    DIGITAL TRANSFORMATION

    Connected Business
    LEARN MORE
  • MANAGED SERVICES RESEARCH

    MANAGED SERVICES RESEARCH

    SMB & Midmarket Managed Services Adoption
    LEARN MORE
  • WHITE PAPER

    WHITE PAPER

    SMB Path to Digitalization
    DOWNLOAD

Techaisle Blog

Insightful research, flexible data, and deep analysis by a global SMB IT Market Research and Industry Analyst organization dedicated to tracking the Future of SMBs and Channels.
Font size: +
4 minutes reading time (790 words)

SMB and Midmarket mobility security risk sources

Techaisle’s global SMB survey shows that mobility security is the 2nd top IT challenge for small businesses and 4th top IT challenge for midmarket businesses. To delve deeper, during the course of the Techaisle SMB 2015 Mobility Adoption & Trends survey, respondents were asked “When it comes to security risk in the mobile computing context, which of the following represents a source of exposure or uncertainty within your organization?” To a surprisingly high degree of candidness SMB concerns with mobility security revolved around users. As figure below demonstrates, SMB IT respondents ranked three user-attributable issues

  1. User neglect/irresponsibility,
  2. Lack of user knowledge/awareness, and
  3. User mishap

amongst their top five concerns, trailing only “general malware infection” as a mobility security threat. Data is where the user is and to say that the enemy is inside the tent would be an understatement.

SMBs recognize the exposure and vulnerability but Techaisle survey shows that only 16% of SMBs worldwide are fully prepared to handle mobility security challenges. Data also shows that like manageability, security is an important constraint on mobility adoption within the SMB market. Most MSPs, channel partners and suppliers continue to focus on BDR and/or anti-malware security as they are easy to offer and deploy but they represent a very narrow approach to larger security issues within SMBs.

techaisle-smb-midmarket-mobility-security-threat-sources-resized

Although there are differences between small and midmarket perceptions but across all SMBs the angst about user neglects, irresponsibility, mishap is real and Techaisle believes that it reflects a concern about the effect that mobility has on the IT security perimeter.

Security Perimeter: Medieval castle design vs. windows and breezeways

The traditional approach to IT security has resembled the security approach reflected in medieval castle design. In castles, noblemen built high, strong walls around precious assets (themselves, as well, important citizens) and gathered peasants and cattle inside when threats loomed. IT has traditionally taken an analogous approach: harden the network perimeter (the firewall) and deal with threats, such as malware, if and when they arise.

The problem with mobility (like cloud) is that it changes the concept of “perimeter.” Intruders do not need to batter through closely-guarded walls to gain access to the interior of the network; they can ride through a permeable configuration on the backs of mobile devices that have been granted access to the precious applications and data that live in the interior of the organization.

Castle walls and drawbridges have been replaced by windows and breezeways offering access to visitors arriving from all directions.

With mobility, the user community becomes a ubiquitous and shifting source of portals through the perimeter. As a result, IT doesn’t need to only defend against recognized foes: it needs to protect the corporation from breaches that can result from the actions of its own workers, and needs to protect the same data that it delivers as an essential component of support for the mobile workforce – the workforce that is viewed by senior management as making compelling contributions to the top and bottom-line success of the business.

IBM is increasingly coming across the above scenario within its current and potential midmarket customer base. Speaking with Techaisle, IBM’s Director of Global Mid Market and MSPs, Brig Serman said “we are finding an increasing issue around balancing the security of company assets with the privacy concerns of the employee when using their BYOD device. IBM’s approach has been to address the security requirements of the business specific applications and data, while leaving "personal" data untouched. This goes a long way in addressing this balance, especially in an environment where increased mobility and the blurring of work / personal use of these devices becomes the norm”.

Layered framework strategy

In many ways, it is difficult or impossible to isolate security as an issue in mobility. Security is intrinsic to the devices, applications and solutions used by SMB firms that have adopted mobility, and security is an essential factor in supporting the mobile workforce. Looking at the list of threat sources detailed by SMB respondents in above figure, it is clear that IT needs to move beyond the perimeter as a means of defining security and to safeguard precious data and application assets through a combination of:

  • monitoring,
  • network segmentation,
  • encryption and related tactics

This clarity, though, does not by itself help SMB IT staff to adjust to the new threat sources that accompany mobility solutions. Suppliers will need to work with SMB and midmarket clients to create layered strategies that can evolve with the expanding mobile workforce, its activities and its requirements.

With 42% of global SMB employees becoming mobile in 2015, IT Suppliers (vendors and channel partners) need to help their SMB clients establish frameworks that protect against both external and employee threats to information security.

 

×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

WW SMB Cloud Channel partners – builders more succ...
2015 WW SMB IT spend nearing US$600B
 

Research You Can Rely On | Analysis You Can Act Upon

Techaisle - TA