“In some senses, it’s a better business model for the attackers to target mobile because their return on investment is much greater,” says Michael Callahan, Chief Marketing Officer of Zimperium, an industry leader in mobile threat defence.
“As an industry, we’ve invested billions and billions of dollars in keeping our desktops, laptops and servers safe, but through our mobile devices attackers can gain access to the exact same confidential information, such as IP, financial records, medical records or insurance records.”
Mobile threat defense (MTD) remains rare among enterprises, owing to confusion about the scope of the mobile threat, and the options available to enterprises to keep their devices safe. In their Market Guide, Gartner says that “By 2020, 30% of organisations will have MTD in place, an increase from less than 10% in 2017”.
“Some organisations understand the mobile device risk today and are taking action as they see it as a threat vector and are putting solutions in place to provide protection,” says Callahan, “but there’re some laggards that are still slowly coming to the table, following the exact same pattern that we saw with the rise of malware in traditional desktop, laptop, servers.”
Learn more about how Enterprise Mobility Managed Service can protect your workforce from mobile device threats.Find out more
Revealing hidden threats
In a classic chicken and egg scenario, the lack of awareness among security professionals of the scale of the threat is contributing to the scarcity of information in the first place.
“The problem is that you can’t take a finger and point to your mobile as an attack vector like you would for another big breach, because almost no one has the security software installed on their devices to actually see what’s happened,” says Callahan.
He says that after installing the firm’s mobile threat detection application, all of Zimperium’s customers found mobile threats targeting devices in their organisation and that it will take a wider adoption of MTD for the full scope of the problem to reveal itself.
“There’s a customer we're working with now, they decided to do a small pilot with their IT team. As part of the process we looked at what apps they had on their phone and it turns that two of the eight people in IT had seemingly innocuous apps that had communication channels to addresses in Russia and China.”
“For me, the mobile device threat is real, it's happening today, and it's probably happening in your environment,” he says.
Managing your mobile security
The good news is that while awareness of the scope of mobile threat remains low, there are already a number of mature mobile threat detection options available to keep businesses safe.
When considering your MTD options, one of the most important factors will be the amount of devices in your organisation, if any, which are corporate-issued.
When supplying devices to employees, security should be one of your key concerns when choosing a Mobile Device Management solution. In bring your own device (BYOD) environments, you will need to select a security solution which supports your staff and usage. Typically, this will manifest as an application which needs to be installed by each user in the organisation or technology embedded in applications developed by the organisation.
One of the most difficult aspects of managing a traditional security environment is ensuring that end points are kept up to date with the latest policy, threat and compliance patches.
This is an area where businesses supplying mobiles to employees can significantly simplify their overhead by leveraging an enterprise mobility managed service, which can ensure your MTD solution is kept current.
Also, look for an MTD option which provides your security team workable reporting, diagnostics and analytics to understand how devices are being used and where the threats are being introduced.
The integrated managed service provides more advanced capabilities to prevent, detect and remedy threats through Enterprise Mobile Management integration – to stop threats eventuating into data security breaches. For example, Telstra manages and executes threat response actions and supports end users in guiding them to remedy the device in those cases where remote remediation is not possible.
As the need to provide “interior” or “east-west” security grows, due to the proliferation of remote entry points to a network (mobile devices and cloud environments being the main ones), the importance of each end-point’s security rises.
This makes whether an MTD operates locally on the user’s device or if it relies on a cloud connection to function a key differentiator. Callahan says that the increasing sophistication of mobile malware driving adoption of on-device solutions.
“I'll give you two primary reasons. One is, if you're a bad guy, you're going to shut off the connection back to that cloud that the device is accessing for information. The second piece is, the attack happens at machine speed, so even if your round trip from the machine to the cloud to get information is fast, by the time you were to go to the cloud and come back, the malware's already gained access.”
This makes an on-device security a vital tool for keeping your organisation safe, whether the threat is a man-in-the-middle attack attempted via a spoofed Wi-Fi signal, a malicious app downloaded via the app store, or a phishing attempt which can be intercepted via strict, offline compliance rules.
“100 per cent of our customers see threats in their environment as soon as they deploy. So this isn't hit or miss, or sporadic. 100 per cent. Every single customer sees threats in their environment, and it's thousands.”Michael Callahan, Chief Marketing Officer, Zimperium
To future proof their investments, organisations should consider how an MTD solution can be integrated into their broader security environment and provide data into their operations centre, to assist with tracking the increasingly multi-device security threats that are emerging in the market.
Source: Market Guide for Mobile Threat Defense Solutions, Gartner, 22 August 2017