It’s Time to Secure Mobile Devices, Not Just Manage Them

As part of my job, I spend a good deal of my waking hours thinking about information security and sharing my findings with IT security practitioners. What are the latest techniques we see from attackers, and what sorts of techniques or policies work best to mitigate them? And as attacks have become more sophisticated, it has also become increasingly clear that security technologies and solutions absolutely must benefit from one another and work together as a platform. In isolation, any single technology is no match for sophisticated attackers.

Network traffic must be fully inspected and decoded to ensure visibility into what it carries. A variety of technologies are needed to scan traffic for threats. Behavioral analysis and anomaly detection are critical for proactively exposing new threats and driving new protections. Beyond the network, security must extend to end-user devices and the data itself, and all of these things need to work together. For many of you reading, this is hardly news. Enterprise security teams face the challenge of integrating security measures on a daily basis.

The situation couldn’t be more different on the consumer side of the world. Consumerization has obviously had massive impacts on IT, ranging from always-connected smartphones and tablets to social media applications that have changed how information is shared and the progressive move toward all things cloud. Despite these gains in consumer IT technology, there has been almost no progress in terms of threat prevention for consumers. Sure, modern operating systems and browsers have become less vulnerable to attacks (although attacks still happen), and applications have moved to automated updates to ensure most users are protected by the latest fixes. But these efforts are mostly limited to minimizing vulnerabilities. When it comes to actually detecting and blocking badness, consumers are limited to running the same host-based antivirus software solutions they have had for the past 10 years.

This is not to say that desktop antivirus is bad, but simply that on its own it is woefully insufficient against modern advanced threats. No self-respecting IT admin would look at today’s threat landscape of advanced persistent threats and conclude, “We are going to put AV on our desktops and call them secured.” It just isn’t sufficient. It lacks the entire concept of an independent network security layer, and doesn’t incorporate many of the most important advancements in security such as next-generation firewalling, malware behavioral analysis and sandboxing. Furthermore, it simply lacks any respectable level of defense-in-depth.

This level of security is above the understanding of most end-users, whose interest in security typically begins with online shopping and ends with online banking. However, it should be very concerning to IT teams. Simply put, the majority of new devices that end-users are bringing into the enterprise have very little in the way of real security. Additionally, most enterprise efforts targeting these devices use some form of mobile device management (MDM). These solutions focus on creating separate containers that segment corporate data from the end-user’s personal data on the device. This is certainly important, but it’s not really the same thing as security. If an attacker compromises an end-user’s device, punching through containers is relatively easy. A compromised device can still be an easy avenue for an attacker to steal passwords and gain access to the corporate network.

In fact, mobile devices will likely become an increasingly popular target for advanced attackers. They can interact with the corporate network over WiFi, but can also route traffic over cellular networks. Compromised mobile devices can easily record audio, video, and eavesdrop on phone calls. Most mobile devices include GPS, which can enable an attacker to even more selectively target his surveillance. In fact, in comparison to a hacked laptop, a hacked smart device can give cybercriminals many more opportunities to compromise a corporate network. Combine this with the fact that these devices are likely the least secured devices, and you are looking at the most vulnerable attack surface in the network.

Ultimately, this is why we need to apply the full force of enterprise security to mobile devices. The challenges of mobility go beyond simply how to manage BYOD. They extend to all of security. If you are going to analyze network traffic for hidden malware or look for anomalous behaviors that indicate an infection, you should be sure to include mobile devices and mobile malware in your efforts. Consistency is one of the hallmarks of good security, and this will certainly apply to mobility. Enterprises that don’t take mobility into consideration when building their security policies do so at their own peril.
