We give you a behind the scenes look at what our mobile security software is detecting
Corrata’s mobile security and control solution is used by organizations across a wide range of sectors. Public and private sector organizations in finance, utilities, professional services and real estate are among those who rely on Corrata to keep their mobile activities protected from cyber threats and aligned with corporate policies on acceptable use. This wide variety gives us real insight in to the real world threats employees encounter, using mobile devices to do their job. And not just insights – but hard statistics around key usage and risk metrics faced by businesses. In this post we’ll share some of the figures that we’re seeing.
How much data do employees use?
It will come as no surprise to anyone to hear how much data these devices are churning every day. A typical corporate owned mobile device today transmits and receives close to 500 MB of data a day. 80% of this is on Wifi networks – primarily residential and other third party networks. This leaves about 3GB of data on cellular on average each month. And these numbers are growing rapidly – 40% to 50% per annum. The advent of 5G is only going to drive this higher. Effectively, people will have fibre quality broadband in their hands 24×7 .
How many places are these devices visiting?
Devices visit anywhere between a couple of hundred to a couple of thousand distinct internet domains every day. This translates into literally millions of individual internet access requests per day for large accounts. These figures vary considerably across companies and use cases. The vast majority of the domains visited are the ‘backend’ services of the internet. These include analytics services, ad servers, content delivery networks and the like. The very obscurity of these web addresses makes the job of making sure that your devices never goes anywhere dangerous all the more challenging.
How often do employees encounter malicious sites?
Thankfully, the internet that our customers inhabit is mainly a ‘safe space’. In fact, 99.94% of the internet requests we vet fall into the ‘non malicious’ category. However, if your organization’s devices are generating millions of internet requests that still leaves a whole lot of sites to be pro-actively blocked. The vast majority of these internet destinations are ones which have been registered as hosting phishing sites. Corrata’s solution blocks access to these sites and eliminates the risk of credential theft. Other malicious sites that we block include malware download sites, proxy and other spyware infrastructure and, on relatively rare occasions C2 servers (servers used to ‘command and control’ malware resident on a mobile device).
How often does malware infect devices?
In short – rarely. However, this is not to imply that there is little risk of malware infection. The reason that we see very little malware on devices protected by Corrata is precisely because they are protected by Corrata. Because Corrata blocks access to suspicious servers, we prevent infections penetrating the device in the first place (one reason why we refer to our security solution as ‘the immune system for mobile’).
But, of course there are multiple ways in which malware can infect a device. These include over bluetooth, via a usb charger or even by SMS. So, the second way Corrata protects against malware is by detecting malware infection when it occurs. We do this by identifying (and blocking) connections to C2 servers. In fact, we find this type of infection pretty regularly: in a device fleet of circa 1,000 devices we would expect to see a malware infection once a quarter. Given the potentially catastrophic consequences of such an infection, vigilance is clearly justified.
What about enforcing acceptable use policies?
Good corporate governance and cyber hygiene suggests that companies enforce acceptable use policies through technological controls. Virtually all of our customers block access to material deemed ‘not suitable for work’. Before we implement these controls, we often see three to four employees per 100 using their device to access inappropriate content. Once we put controls in place, Corrata blocks this content – but also it becomes very rare for users to even attempt to access it. So good controls encourage good behavior.
So there you have it, mobile security by the numbers. Data usage is continuing to rise and it will more than double when 5G arrives. Employees access hundreds of domains per day when performing their usual tasks and browsing the web for information. Although most access points are benign, it only takes one phishing link to corrupt a mobile device. And access to one employee’s credentials might be enough for an attacker to then blitz the entire company database. In fact, reports suggest that a business falls victim to a ransomware attack every 14 seconds. Protecting your mobile fleet with solutions such as Corrata, guarantees that every website is screened thoroughly to give you peace of mind. Remember, when it comes to cyber security and control, prevention is better than cure!