One of the most famous and exciting times of the year for the United States comes with the annual college basketball event, March Madness. From the 15 seed Cinderella stories that make it to the elite 8 to the underdogs making it to the final and winning it all, March Madness has become synonymous with workplace brackets pools, watch parties and online streaming.

Why March Madness?

Major events like March Madness or Cyber Monday are often exploited by hackers looking to turn a profit or breach companies for their corporate assets. As a company that seeks to educate organizations on their employees’ data usage and flag any rogue or malicious mobile traffic, Wandera analyzed two specific areas of March Madness viewership: the impact watching the games has on mobile data usage trends and the potential security risk associated with each mobile application used. With the games in full swing, we have analyzed the threats targeting sports fans and NCAA apps. More specifically, we took a look at mobile usage for the period leading up to the first big games and narrowed our research down to the following apps: NCAA March Madness Live, ESPN, CBS Sports and Yahoo Sports and their corresponding websites.


As a result of our research, we found that between February and March, the number of employee devices connecting to the four sports websites increased 211%, while the number of devices utilizing the apps increased 126%. This may not seem like a concern to the untrained eye, but the spike in usage is extremely significant and telling. This is the type of data activity mobile administrators should be on the lookout for and working to curtail in an effort to maintain employee productivity and safeguard corporate assets. When IT administrators fail to effectively monitor their employees’ mobile data usage, the enterprise could ultimately suffer from unexpected overage charges, as well as be exposed to unnecessary security risks.
Although we expected to see an increase in the amount of traffic to these sports apps and their websites, it’s troubling that this degree of traffic is coming from corporate liable devices. It is common for businesses to prohibit employees from installing applications on corporate devices, but these same businesses are contradictorily allowing their employees to use apps associated with March Madness. This is a reflection of changing policies in the workplace, BYOD in particular, but it also represents an area of potential risk for the enterprise.

Best Practices

Finding a balance between corporate policy and the productivity and happiness of employees is often difficult, especially when it comes to major events like March Madness and Cyber Monday. Thankfully, mobility management tools exist to minimize the impact of spikes in mobile traffic through monitoring data. For instance, Wandera’s Secure Mobile Gateway, is a platform that provides visibility and control over mobile data. The end result: Mindful and conscious companies with the ability to make informed decisions as to what type of policies should be enforced and when.
We always recommend that mobility teams be as transparent as possible by engaging their users and asking them what their intended use of corporate-owned mobile devices is before enacting a company wide policy. IT teams need to engage the end user in order to avoid making employees feel restricted. Acceptable use guidelines will help to minimize impact to employee productivity without impeding employee happiness, so that events like March Madness remain a positive and enjoyable distraction without exposing the organization to undue risk and unnecessary costs.

What now?

Given the unprecedented rate at which technology is evolving, there is no foolproof solution to mobile security that will suit all enterprises. Moving forward, IT managers need to take steps to implement better mobile policies and keep in mind that visibility is essential to both mobile data management and mobile security. Without the knowledge of what your employees are using their corporate devices for, it becomes impossible to defend against attacks and mitigate the risk of a data breach. Once enterprises have gained full visibility of all their corporate devices and corresponding mobile traffic, they can enforce a mobile policy that is not only for the good of the enterprise, but the employees as well.