As enterprises become more mobile, the threats to the security of their data – by far their most important asset – grow exponentially. With more than 60 percent of endpoints now mobile1, there are a lot of dangers out there, known and unknown, and that is driving many organizations to adopt more sophisticated mobile threat defense (MTD) solutions.
When you consider that the average employee’s mobile phone contains corporate data worth about $14,000, it’s easy to see why employee phones need the best protection your company can afford.
But the cost of a mobile device breach goes well beyond that single device. The access that hackers can gain through a compromised device can open the doors for them to do all kinds of harm. A single breach can easily cost an enterprise hundreds of thousands, even millions, of dollars when all the damage is calculated.
MTD solutions complement existing defenses by detecting and preventing threats against iOS and Android platforms through a number of techniques, particularly AI, machine learning, and behavioral analysis based on mobile threat intelligence.
How they protect
MTD solutions are designed to detect, prevent and remediate attacks by collecting and analyzing various indicators of compromise in order to identify anomalous behavior and counter any threats.
To accomplish that, MTD solutions collect threat intelligence not only from the devices they support, but also from external sources. By intelligently comparing the behavior of healthy devices with that of devices that are being attacked, the solutions learn to recognize suspicious activity much sooner.
MTD solutions offer protection for the device, the network and the application as well as protection against phishing attacks. Specifically:
- Device: MTD monitors OS and security update versions, device configuration, libraries and more, looking for vulnerabilities, security misconfigurations, and any sign of suspicious activity. Special attention is paid to modifications of system libraries and configuration or attempts to escalate privileges.
- Network: MTD monitors all forms of wireless network traffic for suspicious or unsanctioned behavior. It’s also effective at detecting the insidious man-in-the-middle hacking technique or sneaky attacks such as those from a malicious network where a weak encryption algorithm allows eavesdropping.
- Application: MTD can identify malware and other threats through code analysis and application sandboxing (limiting the environments in which certain code can execute). It does this through techniques such as signature-based anti-malware filtering, code emulation or simulation, application reverse engineering, and static and dynamic app security testing.
- Phishing: MTD defends against phishing expeditions on mobile devices, protecting users from malicious URLs sent via email, text, social, instant messaging and other apps. Because it proactively looks for threats it may be able to block the URL or alert the user, unlike simple antivirus solutions that aren’t sophisticated enough to protect employees as they move outside the perimeter. With an always-on approach, MTD detects phishing kits as they are being built, before a user is targeted and an attack is executed.
Increasing interest in MTD
Enterprises are increasingly embracing “smart” MTD solutions to build on the protections and security that their mobile device management tools already provide.
That is the rationale behind Sprint’s new Secure Mobile AI, an advanced on-device mobile threat detection application that uses machine learning to provide comprehensive protection against cyberattacks. When it discovers a threat, action can be taken either automatically or by the user, or preferably through a separate, third-party device management solution, such as Workspace ONE TM or Workspace ONE Express.
Because it can provide immediate risk assessments and threat alerts, Sprint Secure Mobile AI offers comprehensive protection for mobile devices against known and unknown threats using its machine learning algorithm. It can also integrate with one or more mobile device management solutions in a single console to enhance the ability to quickly remediate threats.
The dangers aren’t going away anytime soon. Hackers are targeting mobile devices like never before, increasing the risks and vulnerabilities that a mobile-first business faces. On top of those intentional attacks, there are also the issues of “leaky” apps that can expose personally identifiable information and the inherent vulnerabilities of users’ device operating systems.
Because any single attack can result in a security breach that compromises an organization’s data, assets and brand – and because mobile users present such an accessible target to hackers – companies are recognizing the need to devote more effort and the most advanced resources to protecting themselves and their users’ devices wherever they go.
MTD, with its intelligent threat detection and remediation, is a way that a company can effectively bring reinforcements into the battle.