Views
11 months ago

CSLATEST

mobile management AFTER

mobile management AFTER THE FLOOD WITH MOBILE DEVICES NOW IN THEIR MULTI-BILLIONS GLOBALLY, AND MORE AND MORE APPLICATIONS FLOODING THE MARKET, THE NEED FOR MOBILE MONITORING AND DEVICE MANAGEMENT HAS NEVER BEEN GREATER OR MORE URGENT Anew report, 'On the Radar', from leading research company Ovum shines a light on the extent of the mobile security problem affecting businesses of every size around the globe. It exposes "the inadequate level of mobile device protection offered by most mainstream endpoint security providers who have failed to keep pace with market requirements and the subsequent threat this has created for businesses who are unwittingly exposed to cybercriminals". The report has turned the spotlight on an area of great concern - and one that needs to be addressed urgently. "Corporate mobile devices are inherently personal," states Michael Covington, VP Product Strategy, Wandera. "When it comes to BYOD, it should be understood that the end user has more control over the day-to-day running of the device. Unfortunately, this means more risk is introduced to the platform. There is a general notion amongst businesses and end users that mobile platforms are secure. For example, there are few security tools out there for Apple devices and not many news headlines around iOS vulnerabilities. The first thing people need to understand is these devices are not secure and, with the rise of mobile devices, hackers will only continue to attack them." Not only do people believe device platforms are secure, but also the apps themselves, he adds. "In reality, app developers are rushing to deliver their apps to the market and security is often an afterthought in the process. From a regulatory perspective, companies are obligated to protect credit card information. However, sometimes their apps haven't gone through secure development processes." Mobility has not been treated the same way that classic end-point has within the enterprise, says Covington. "Laptops and desktops have layers of defences, with a variety of different tools. On the mobile platform, enterprises are unlikely to have invested in even one tool, let alone multiple, to control multiple threat factors." One threat vector which is often ignored are the users themselves. "Investing in educating an individual is not normally something a business would do. However, if the individual is putting themselves or their data ta risk on a device that holds company data, they become the weak link in the chain. Employees often go around existing security policies using mobile devices. There have been instances of staff 26 computing security May/June 2017 @CSMagAndAwards www.computingsecurity.co.uk

mobile management tethering their mobile device when they're in the office, because they want to go to websites that are blocked on the corporate gateway." This is once again opening up security issues for businesses, he warns. "Both the enterprise and the end user have an interest in making sure their sensitive mobile data is secure. But end users also don't want to feel like a 'Big Brother' is watching their every move on their BYOD devices; which is why a solution that simultaneously protects end user privacy, without compromising business-critical reporting, traffic control or device management, is so important," adds Covington. KEY ATTACK POINTS Michael Shaulov, head of mobility solutions, Check Point, believes there are five major categories of attack and vulnerabilities that organisations need to protect their mobile fleets against, which demand multiple mobile security capabilities. The first is system vulnerabilities. "Each version of a mobile operating system will contain vulnerabilities that criminals can use to launch attacks. Devices need to be continually analysed to uncover vulnerabilities and the behaviours that cyber criminals use to attack them. When a threat is identified, the solution must automatically mitigate any risk until the threat is eliminated," he states. Next comes root access and configuration channels. "Root access enables a wide range of customisations and configurations, and gives criminals greater access, which exposes devices and data to risk," Shaulov points out. "Criminals can even bypass MDMs using relatively simple techniques, so it's necessary to monitor all configuration changes and use behavioural analysis to detect unexpected system behaviour." Then there are repackaged and fake apps. "Malicious apps can take complete control of mobile devices. It is remarkably easy for criminals to reverse-engineer popular apps or to create seemingly authentic copies of existing ones. In turn, these apps can be used to gain remote access to the device or download malicious payloads. Apps' installation processes should be monitored and run in a quarantined 'sandbox' environment to analyse their behaviour." Fourth on his list are Trojans and malware. "An app's code is huge and complex, making it difficult to identify a Trojan's malicious activity. A security solution should capture apps and automatically reverse-engineer them, enabling analysis that identifies suspicious patterns and behaviours." Fifth, Man-in the-middle attacks. "Manin-the-middle attacks can eavesdrop, intercept and alter traffic between two devices," he says. "Enterprises need behavioural analysis that can detect rogue hotspots and malicious network behaviour and conditions, and automatically disable suspicious networks to keep devices and data safe." Finally, he advises that this system of mobile security components must work together cohesively to identify a wide variety of threats, protect data and address employee privacy concerns, rather than being a loosely-integrated mix of point products. "The solutions have to be able to analyse behaviour across all possible vectors for indicators of attack, to keep mobile devices safe." SECURITY HEADACHE According to Mark Noctor, VP EMEA at Arxan Technologies, "a mobile-ready workforce can deliver some powerful advantages, in terms of flexibility and Dave Williams, 3M: another factor to consider is the 'low tech' one of prying eyes. Michael Covington, Wandera: both the enterprise and the end user have an interest in making sure their sensitive mobile data is secure. www.computingsecurity.co.uk @CSMagAndAwards May/June 2017 computing security 27