The analysis, which looked at network and application traffic of more than 1,600 organisations, evaluated the BYOD culture, where employees want to use the same mobile devices for both business and pleasure.
This so-called consumerisation of IT, the analysis said, is making the complex task of securing corporate data even more daunting.
It found that security and network managers who believe they can reduce most of their risk by focusing on analysing traffic flowing with port 80 are making a dangerous miscalculation.
The findings showed that 413 (35%) of the 1,195 applications evaluated do not use tcp/80. “This means that if an organization chooses to take the path of fortifying and protecting only tcp/80, then they risk missing the bulk of the traffic and the associated security incidents,” the study said.
Many applications, such as audio streaming, games, instant messengers, webmail and others also use port 443, or hop across many ports as part of their normal routine. “It’s clear that employees want to use the software and tools that they want to use, and this is making securing corporate data much more difficult than it already is,” said Mike Rothman, analyst and president at security research firm Securosis.