Welcome to Brown’s Bytes! Your weekly insight from Mobliciti’s CTO Andy Brown. Follow #brownsbytes
6th July 2018
This week I thought I would talk about a common question about Mobile Threat Defence that gets posed to me…
At Mobliciti we’ve been banging the drum about Mobile Threat for years. In the past the conversation would go along the lines of:
Andy: Look at this demo of the scary stuff that can happen when a Mobile device is compromised.
Customer: Yeah, but we run on iOS. It’s way more secure than Android and we just don’t see the risk at present. We’ve got Mobile Device Management (MDM) in place – that’s enough for us.
Andy: Scary stuff can happen on iOS too…
Customer: (Cutting Andy off) Yeah, but we’ve never had an issue to date so there’s no point spending money on this.
Andy: (Heroically fighting frustration) Ok – thanks for your time…
Clearly, I’m being a bit flippant to make a point, but this isn’t an uncommon view. Basically, the argument goes that we’ve never had an issue, so we’ll spend our money elsewhere.
I get that – you have to balance where to spend IT security budget to best mitigate risks to the company.
But there are significant flaws in the argument against getting Mobile Threat Defence now…
The first is rather simple – how do you know that you’ve never had an issue? Without a security solution in this space you’re basically blind to what your users are up to.
MDM is used to control, configure and limit what a device can do. It therefore can do the following to help control the risk:
– Detect jailbreak and rooting
– Report back on apps installed
– Limit ability to install apps with Whitelist/Blacklist
When the “threat” is malware you simply use MDM to limit people’s ability to get it on a device. Note that what it can’t do is tell you what the user is actually doing on their device!
Now, what’s interesting is that the threat itself has evolved massively over the past few years…
Malware is still something you want to be worried about. There is a constant stream of updates about rogue apps making it into the App Stores. Admittedly this tends to be more on Google Play… so maybe the argument about iOS being more secure still carries weight? Hmmm…
Jailbreak/ Rooting – absolutely you want to block this. There is no valid business reason for users to be doing this and if they have then that device is toxic.
The key change has been how bad actors target the phone. Put yourself in their shoes for a minute. You want information/data to monetise. Now, you could go after the traditional routes to get into an organisation and target them with email phishing, Windows malware, malicious websites etc.
But the reality is that everyone who takes security seriously has solutions to control these attacks:
– Email Gateways remove phishing attempts
– Malware is blocked by patching/AV/firewall
– Bad websites are blocked by proxies
So how else to get in. If only there was another solution in wide use where the users are not so well protected…
OH, HANG ON! IT’S THE MOBILE!
Simply put, the majority of a company’s defences are now not relevant. Even email phishing is being bypassed by the use of SMiShing (SMS Phishing) instead.
The mobile threat is now so much more than just the operating system and malware – it’s about the user of the Phone. And it doesn’t matter whether is iOS or Android, the user needs protecting either way.
If you don’t have Mobile Threat Defence in place, then I’d strongly suggest getting in touch to discuss this further.