C-suite executives logging on to unsecured public Wi-Fi hotspots seem to present one of the biggest security risks to enterprise networks
Close to half of enterprises believe that their C-level executives, including CEOs, present the biggest risk to the business of being hacked through extensive use of unsecured public Wi-Fi hotspots.
This is according to mobile connectivity provider and network aggregator iPass, which, in its latest annual Mobile security report, found that cafés and coffee shops were perceived as the number one risk venue on a list that included airports, hotels, exhibition centres and planes.
The supplier compiled responses from 500 enterprises in France, Germany, the UK and the US to get an overview of how businesses are approaching concerns around mobile device and hotspot security.
The vast majority – 93% of respondents all told – told iPass’ researchers that they were concerned about the security challenges posed by mobile workforces, and almost half said they were very concerned, up several percentage points on the 2016 edition of the report.
In addition, 68% of organisations told the researchers they had banned employee use of free public Wi-Fi hotspots to some extent, up 6% on 2016, and 33% had banned it outright, up 9% on 2016.
“The grim reality is that C-level executives are by far at the greatest risk of being hacked outside of the office. They are not your typical nine to five office worker. They often work long hours, are rarely confined to the office and have unrestricted access to the most sensitive company data imaginable,” said iPass VP of engineering, Raghu Konka.
“They represent a dangerous combination of being both highly valuable and highly available, therefore a prime target for any hacker.
“Cafés and coffee shops are everywhere and offer both convenience and comfort for mobile workers, who flock to these venues for the free high-speed internet as much as for the coffee. However, cafés invariably have lax security standards, meaning that anyone using these networks will be potentially vulnerable.”
Most businesses with concerns over public Wi-Fi were worried about man-in-the-middle attacks, but high numbers also cited a lack of encryption, unpatched network operating systems and hotspot spoofing as major concerns.
IPass said enterprises were more aware of mobile security threats with every year that goes by, but are still finding it hard to balance the need to keep safe – which is more acute than ever – with the productivity boost that being able to work from any location can bring.
In Konka’s view, unfortunately too many enterprises were choosing to simply ban employees from using hotspots outright, which he characterised as detrimental to business health, not to mention largely unenforceable.