Nearly 80 percent of companies are using more than 10 mobile apps for business, according to the third edition of the Mobile Security and Risk Review. Which are the 10 most popular? Which malware most troublesome?

This bi-annual report, released by MobileIron (NASDAQ: MOBL) at the 2017 RSA conference taking place in San Francisco February 13-17, provides IT security leaders with timely information about the state of enterprise mobile apps, the mobile threat landscape, and the emerging risks facing their organizations.

The report lists the 10 most popular business apps as:

The most popular business apps in the world For the first time, the Mobile Security and Risk Review includes a list of the most popular managed mobile business apps.

The top ten most popular managed mobile business apps in the world include:

  1. Webex
  2. AnyConnect
  3. Concur
  4. Adobe Acrobat
  5. Pulse Secure
  6. Keynote
  7. Numbers
  8. Pages
  9. Google Maps
  10. Word

It warns that mobile malware is becoming more sophisticated.

It notes that at the end of 2016 was plagued with high-profile vulnerabilities and new malware families that were not present in the second edition of the Mobile Security and Risk Review. The severity and sophistication of these attacks increased to unprecedented levels. Notable examples include:

  • HummingBad Malware: infected 85,000,000 devices
  • Pegasus: capable of intercepting virtually all communications
  • QuadRooter: detected on an estimated 900,000,000 devices
  • The Godless Malware: infected 850,000 devices

The state of mobile enterprise security While mobile malware sophistication is on the rise, enterprises did little to improve mobile security best practices, even in highly regulated industries.

Security hygiene highlights from Q4 2016 include:

Policy enforcement: Nearly half of companies (45%) did not enforce device policies
Outdated policies: Nearly 30% of companies had at least one outdated policy
Missing devices: 44% of companies had at least one missing device
Operating System updates: Just 9% of companies enforced OS updates
Compromised devices: 11% of companies had compromised devices accessing corporate data