As mobile malware ratchets up, companies need better security for end-users’ devices

Organizations must set strict policies, use sophisticated solutions to fend off attacks

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

There is a large blind spot most orga­ni­za­tions fail to rec­og­nize and protect—the mobile network.

Today, employ­ees use their mobile devices to access busi­ness-relat­ed infor­ma­tion more than ever. Accord­ing to recent Busi­ness Wire research, 72 per­cent of orga­ni­za­tions have adopt­ed Bring Your Own Device (BYOD) poli­cies to some extent, and an addi­tion­al 9 per­cent plan to do so in the upcom­ing year.

Mobile devicesEd note_Check Point Software_Michael Shaulov have prac­ti­cal­ly become addi­tion­al end­points in orga­ni­za­tions’ net­works, allow­ing access to the same resources and mak­ing the risk of a mobile breach as severe as any oth­er. While the risk from mobile devices grows, in most cas­es the admin­is­tra­tors have only par­tial con­trol over them, and slim protection.

Relat­ed info­graph­ic: Con­ve­nience of mobile com­put­ing engen­ders risk

The main solu­tions most orga­ni­za­tions imple­ment to man­age their mobile net­work are MDMs—Mobile Device Man­age­ment sys­tems and EMMs—Enterprise Mobil­i­ty Man­age­ment sys­tems. Both solu­tions strive to pro­vide orga­ni­za­tions with a clear and com­pre­hen­sive view of their mobile net­work, as well as enforce secu­ri­ty poli­cies. The main dif­fer­ence between the two sys­tems is addi­tion­al appli­ca­tion man­age­ment fea­tures incor­po­rat­ed in EMMs.

MDMs and EMMs pro­vide cru­cial val­ue for orga­ni­za­tions, since unlike com­put­ers, which are usu­al­ly cho­sen and pro­vid­ed by the com­pa­ny and thus easy to man­age and con­trol, mobile devices vary great­ly in many ways, such as man­u­fac­tur­er, mod­el, car­ri­er and even oper­at­ing sys­tem and secu­ri­ty patch date. Pro­vid­ing a con­sol­i­dat­ed view of the net­work is the first step toward pro­tect­ing it. In this mis­sion, how­ev­er, MDMs and EMMs fall short.

MDMs and EMMs can be com­pared to com­put­er firewalls—providing a holis­tic view of the net­work and allow­ing basic appli­ca­tion con­trol, but by no means suf­fi­cient to pro­tect any orga­ni­za­tion in today’s threat landscape.

Mobile mal­ware also is on the rise, both in Android and iOS ecosys­tems. We have wit­nessed it grow in spread, vari­ety and sophis­ti­ca­tion, fol­low­ing the steps of PC mal­ware in many areas. Mobile mal­ware can even over­come and break into secure con­tain­ers by root­ing the devices. Just like in the PC world, to defend against the emerg­ing cyber threats in the mobile world requires advanced pro­tec­tions such as sand­box­es and end­point protections.

While reg­u­lar end­point solu­tions can’t pro­tect mobile devices, there are ded­i­cat­ed solu­tions that can. The new gen­er­a­tion of mobile secu­ri­ty solu­tions can iden­ti­fy and block threat not only by using sig­na­ture-based detec­tion, but also by apply­ing advanced dynam­ic threat pre­ven­tion tech­niques, which can detect both known and unknown mal­ware. Since mobile threats are real and con­tin­ue to evolve, orga­ni­za­tions must do the same to pro­tect their networks.

Orga­ni­za­tions need con­sis­tent cov­er­age of cyber­se­cu­ri­ty poli­cies across their infra­struc­ture and end user devices, includ­ing smart­phones and tablets. Even more so, orga­ni­za­tions ought to imple­ment advanced up-to-date solu­tions to fend off the ever-grow­ing stream of sophis­ti­cat­ed mobile mal­ware. Why spend mil­lions of dol­lars defin­ing poli­cies and imple­ment­ing con­trols on oth­er sys­tems and devices but leave the pri­ma­ry end-user device that con­tains the same kind of sen­si­tive infor­ma­tion unpro­tect­ed from threats?

More sto­ries relat­ed to mobile security:
New secu­ri­ty ques­tions arise as busi­ness­es strug­gle to con­trol BYOD
As mobile bank­ing explodes, finan­cial insti­tu­tions beef up app security
Threat of ran­somware grow­ing for mobile phones