Mobile devices are powerful computers, always connected to Internet and used without interruption in most cases. It will be worth to put in perspective that mobile device is one of the key productivity tools, which helps in generating business for many enterprises around the globe alongside keeping individuals connected with enterprise networks and applications.
While, the current situation has opened up new revenue streams in many cases, ever-present use of mobile devices results in both corporate and personal data stored on devices at high risk. This trend has changed the landscape of data protection drastically which calls for new approaches to ensure the data accessed and processed by devices remains secure while maintaining productivity.
Unfortunately, not every network and application is what it seems making it difficult for users to detect forgery or data exfiltration. This can be done by either intercepting the mobile network or exploiting the application / Operating system vulnerabilities.
Mobile devices have rapidly become ground zero for a wide spectrum of risk that includes malicious targeted attacks on devices and network connections, a range of malware families, non-compliant apps that leak data and vulnerabilities in device operating systems or apps.
Some statistics around Mobile usage are as below:
- Use of mobile apps is growing with 79% + companies using 10+ mobile apps
- Mobile malware is growing at unprecedented rate. Some attacks in last one year or so provides mind boggling data:
a. HummingBad Malware infected 85 million devices.
b. QuadRooter detected on an estimated 900 million devices
c. The Godless Malware infected 850,000 devices - As part of enterprise policy enforcement, 45 % companies did not enforce device policies.
- At the same time, 29% of companies had at least one outdated policy
- Only 9% of companies enforced OS updates, which is the biggest cause of vulnerability existence
The current state of most Enterprises
Many of the enterprises have embraced Enterprise mobile management (EMM) solution {some understand this by Mobile device management (MDM)}. While, such solutions give some control in form of managing the environment centrally, giving benefits of data wipe if the device is lost/expected to be in wrong hands. These solutions are farfetched to protect device/enterprise from Platform/Application vulnerabilities and malware.
Integration of mobile threat defense (MDM) solution with EMM is need of the hour.
“Integration with EMM leverages the individual strengths of both MTD and EMM tools by using real-time risk assessment information from MTD and taking actions such as restricting access to the secure container, selectively wiping corporate apps or, in the extreme case, un-enrolling the device so the device has no access to sensitive data” as mentioned by Gartner
It is high time for small, medium and large enterprises to understand the RISK mobile computing devices (with sensitive data and access to application) carry along while connected to internet. Identifying the appropriate Mobile Threat defense solution (MTD) and integrating with running EMM/MDM is need of the hour.
By:- Sapan Talwar