Smartphones and tablets are multiplying in IT environments like crazy, and the variety and types of devices are multiplying too, thanks to trends like BYOD (bring your own device) and CYOD (choose your own device).

If mobile security isn’t at the top of your to-do list, you might be guilty of the sin of mobile negligence, which is one of the “7 Deadly IT Sins” identified by Sophos as serious risks to businesses.

What is mobile negligence? It’s thinking that the only threat you need to worry about is cybercriminals targeting Windows. That’s just the beginning.

The threat researchers at SophosLabs have tracked more than 1 million pieces of malware targeting Android – with an 1,800% increase in Android malware over the past two years.

So many of the apps users install on their devices – often without IT’s knowledge or consent – can expose vital data due to operating system vulnerabilities, buggy app security, and unwanted permissions.

Even the iPhone 6, despite its reputation for security, is vulnerable to data thieves if your users aren’t properly configuring and encrypting it with a secure passcode or Touch ID.

And Windows Phones and BlackBerrys have security issues, too – the Windows Store is loaded with crummy, scammy apps; and BlackBerry 10 devices can now run Android apps that are definitely vulnerable to attackers.

As James Lyne, global head of security research at Sophos, says in a recent video, configuration and software changes could leave any device insecure.

Mobile devices can access corporate email accounts, corporate Wi-Fi networks, and other data your users share via applications – and that means your IT security is literally in the hands of your users.

If you want to know more about mobile negligence, check out the 7 Deadly IT Sins website, and get the security tips and resources you need to manage all your users’ devices.