Mobile security: Getting to total mobile threat protection
It may come as a surprise to some organizations, but enterprise mobility management (EMM) does not equate to mobile security. Yes, EMM is considered the standard for mobile management, but EMM alone will not keep you or your mobile users and data safe. To understand why, it’s useful to take a step back and recall the evolution of mobility in the enterprise.
A history of workplace mobility
Enterprise mobility really began back the late 1990s with the introduction of the first Blackberry device. At the time, the Blackberry was used almost exclusively by executives and other corporate VIPs who wanted to be connected to the office at all times. It was also well liked by IT, because it was equipped with ironclad security features. The Blackberry soon became a popular tool among executives everywhere.
But then came the launch of the iPhone in 2007. This kicked off a new era of enterprise mobility. Suddenly every employee was using their smartphone for both work and play. Of course, this raised security issues, and IT’s initial reaction was to put a lid on the BYOD trend by barring the use of personal smartphones in the enterprise. But this would not last. With everyone from the CEO down to the newest intern demanding mobility, the dam quickly broke and the IT department’s concerns were swept aside.
IT still had to find a way to bring security measures to the mobile workforce in the BYOD era. Its first effort at mobile security was containerization, which SearchITOperations defines as an OS-level virtualization method used to deploy and run distributed applications. Security vendors created a special container for smartphones that allowed every employee to check their email and use a limited number of mobile apps, such as a calendar app, in a secure fashion. The problem was, they couldn’t do much else. Containerization was too restrictive — workers eventually rebelled and the practice fell by the wayside.
Seeking mobile security in the enterprise
Next came the rise of mobile device management (MDM), or what’s now more commonly called enterprise mobility management. EMM is basically a set of processes and technology focused on securing and managing mobile devices and access across the entire business. At first, many corporations believed that deploying an EMM solution alone was enough to guarantee complete mobile security in the enterprise.
But then the threat landscape evolved beyond the devices themselves to include the apps and networks. In fact, the Department of Homeland Security (DHS) in May 2017 published a report recommending a new framework for mobile device security to ensure a baseline level of protection for all government organizations and businesses. DHS argued that such a framework would, at a minimum, have to go beyond enterprise mobility management to include measures like mobile application security. This layered approach to security allows organizations to leverage key strengths in EMM, like management and enforcement, and add threat intelligence, detection, and automation to have a complete mobile security strategy that scales.
Obviously, employees are not just using their mobile devices to read company emails anymore like in the early days of enterprise mobility. They’re accessing all sorts of sensitive data on apps and websites from Wi-Fi hotspots in insecure places like coffee bars, airports and hotels. Meanwhile, many are neglecting to update their devices with the newest OS containing the latest security upgrades.
Curbing malicious mobile app threats
So, what’s the problem? Mobile apps often collect both personal and corporate data that isn’t necessary for the app’s use or core function. Then, to make things worse, apps often offload this data to insecure back-end databases in the cloud. For example, a recent research report revealed that thousands of apps are leaking staggering amounts of data as a result of a back-end data exposure vulnerability dubbed HospitalGown. These records were accessible as a result of weakly secured databases that did not require authentication of any kind to access the data.
Another significant issue is that most users won’t pay for apps, and the free app model that has resulted discourages developers from spending time on important features such as privacy and security. This is a major shift from the past; back when corporations bought expensive enterprise software packages from traditional vendors, these solutions were loaded with security features. Traditional vendors could afford to build these features, and customers demanded enterprise-grade security software on everything they used.
But that’s certainly not the case now. To make money, app developers are often forced to harvest user data — which increasingly includes enterprise information — and monetize it by selling it to third-party data brokers and ad networks. As a result, even legitimate apps that are beloved by corporate users are collecting a great deal of information and, more often than not, failing to protect it properly.
Today’s EMM vendors understand that app security is essential. That’s why they’re beefing up their offerings by partnering with vendors that specialize in full-blown mobile threat protection. These solutions can automatically keep track of millions of mobile apps — even apps that are constantly changing versions — and quickly perform end-to-end analysis of them. What’s more, such solutions can detect data exfiltration, data leakage, privacy-invasive behaviors and other risks. Say, for instance, a corporate user is at a coffee shop and unwittingly connects to a malicious Wi-Fi network. The right mobile threat protection solution will automatically disconnect the user from that network. If the user has mistakenly installed malware, the device will automatically be quarantined. If the user downloads an app that’s leaking passwords to third parties, a good mobile threat protection solution will immediately alert the user of this danger. EMM is still the standard in mobile management, but EMM alone falls short when it comes to total mobile security.
Organizations need to take a best-of-breed approach to stay protected. This involves a combination of EMM as the foundational enforcement layer and mobile threat protection as the security intelligence and automation layer. This is how organizations can best maximize the many benefits of mobility while avoiding a costly breach.