For over a decade, the enterprise has deployed mobile management solutions to accommodate and offer basic protections for mobile phones; both in bring-your-own-device (BYOD) ownership models as well as in corporate-owned scenarios. However, the security provided by these solutions was always fairly limited. Threat actors quickly identified mobile devices as easy targets for exploits and malware, even with mobile management solutions in place. Enterprises who are using mobile management solutions such as Unified Endpoint Management (UEM) without Mobile Threat Defence (MTD) are leaving themselves open and vulnerable to cyber-attacks.
Download Check Point’s full white paper ‘Mobile Management Solutions Are Not Security: Use the Best Tool to Secure Mobile Devices’ here to learn more about the difference between management and MTD solutions.
What are mobile management solutions?
Mobile management solutions originated as Mobile Device Management (MDM) solutions, created to help enable businesses with their mobile device estate. They do this through a streamlining and consolidating process, placing smartphones on a single management platform. These solutions have evolved into UEM solutions, encompassing a number of endpoints, such as tablets, PCs, wearables, Internet of Things (IoT) devices, and more. The number of connected devices is expected to reach 50 billion this year and hit 75 billion worldwide by 2025, making the management of these devices an important task for the enterprise.
Why Use mobile management solutions?
Using a platform such as UEM simplifies what can be a very complex management process involving corporate devices. UEM solutions create a much more user-friendly experience, reducing administrator tasks and providing a consistent end-user experience across platforms, making user interactions with multiple devices seamless.
UEM solutions can provide some device-level policies in order to maintain basic device hygiene. This includes device encryption, remote wiping, and in the case of some UEM solutions, a basic jailbreak/root detection function.
However, in a constantly evolving mobile threat landscape, UEM does not provide the protection required to withstand even the simplest of mobile malware attack. UEM platforms are not able to scan for mobile-related threats such as malicious apps, vulnerable operating systems, and network-based attacks. Neither can they protect users against phishing and other social engineering attacks. As a result, users and organisations remain exposed and at risk to threats such as credential theft, data leakage, and device takeover.
What can Mobile Management solutions not protect against?
Man-in-the-Middle (MitM) attacks are common, network-based attacks which target mobile devices when malicious actors fool users and devices into connecting to a rogue Wi-Fi network. Using MiTM attacks, cybercriminals can intercept communications, meaning that they are able to steal data in transit.
Phishing campaigns are showing no sign of slowing down, with 91% of all cyberattacks now beginning with a phish. Mobile users are a prime target for a variety of phishing attacks due to their small screens. When using a small screen on a mobile device, phishing URLs are much harder to identify due to their nature of being partially hidden. In a world of BYOD and corporate-owned devices, business is done on a daily basis on mobile devices, and a single employee falling victim to a phishing attack could result in exposed corporate credentials and a malicious actor infiltrating the corporate network.
Malicious Apps and Rootkits
Using a management solution such as a UEM platform does allow visibility over assets on the managed part of the device. However, when it comes to their personal profile, users can install applications from official app stores or third-party stores. Malicious apps are rife and deliver anything from spyware and rootkits to Remote Access Trojans. Without any real-time threat intelligence and behavioural engines that can assess an apps’ behaviour, users and businesses are exposed to mobile malware in infected applications.
Secure Mobile Devices With MTD
When it comes to mobile devices, securing them should not be an optional extra. In an era where data protection is a key player in any organisation’s security policy, employees are constantly using their smartphones to consume and share corporate data. Only MTD solutions can protect against sophisticated cyber attacks.
Using a variety of techniques, including machine learning and behavioural analysis, MTD can prevent enterprise threats for both iOS and Android devices. MTD capabilities revolve around three key pillars of mobile security:
- Protecting the device’s operating system against vulnerable configurations, exploits, advanced rooting/ jailbreaking, and more.
- Protecting from application-based risks, such as malicious apps that can exfiltrate data, malware embedded on seemingly legitimate apps, and abuse of privileges.
- Protecting from network-based attacks, such as Man-in-the-Middle traps, data exfiltration to command & control servers, or phishing campaigns attempting to steal credentials.
How do MTD Solutions Address Enterprise Risk and Compliance?
- Prevents breaches originating from malicious apps, spoofed networks, Man-in-the-Middle attacks, and OS exploits.
- As a security component to be added on top of UEM: Gartner has recommended adding MTD solutions to the incumbent UEM solution in the enterprise, serving as the security add-on to these management solutions.
- Mobile phishing protection – MTDs can prevent credential theft by blocking phishing URLs, or by dynamically scanning for phishing indicators in unknown phishing sites.
- Regulation and policy compliance matters. Data regulation also applies to the data that is consumed on mobile, so having visibility of the risk posture of a device is critical to ensure that data does not leak outside the organization’s network.
- App vetting – MTD analyses apps and indicates which ones conflict with corporate policy, reporting to the UEM for it to uninstall the app
Don’t Turn a Blind-Eye to Mobile Security
Mobile devices are extremely vulnerable and should be treated as any other endpoint within the corporate network when it comes to security, risk management, and threat visibility. A Zero Trust approach in the enterprise should include enforcing policies on the mobile endpoint that prevent threat actors or malicious insiders from infiltrating the organisation and infecting the corporate network.
UEM solutions are undoubtedly useful for managing mobile devices, but the benefits of implementing an MTD solution to provide mobile security by preventing, detecting, and remediating sophisticated cyber attacks, using a variety of techniques on the device, network and application-level cannot be ignored. Furthermore, MTD can feed critical information to the UEM to help them enforce Zero Trust policies. Together, they can provide integrated management, security and enforcement solution.
How can We Help?
Get in touch to find out more about why mobile management solutions need an MTD solution.