A Holistic Approach to Mobile Threat Defense
Mobile computing has become such an integral part of the work/life environment that people no longer even think about it. Communicating with colleagues, tapping into business applications, and accessing networks from handheld devices is part of everyday life for most individuals. But while giving employees the flexibility to work on the go and access systems anytime from anywhere has greatly increased productivity and expanded the network, it’s also increased the attack surface, creating security gaps that many people don’t think about – or candidly, choose to ignore.
Organizations that want to ensure privacy and security need a mobile threat defense solution that can handle the many-tentacled hydra that modern networks have become. Just as importantly, they need to do it without slowing down operations or hindering productivity through overly restrictive, piecemeal security policies. In other words, they need a holistic approach.
See Related: 7 Mobile Threat Defense Tips
Of the American public, 96% own a cell phone of some kind, with 81% of them owning a smartphone, according to research released in June by the Pew Research Center. And many of those phones are used on the job. Other research has shown, for example, that 94% of mobile workers have a smartphone, with a growing number of them adding tablets to their personal arsenals. And 71% of them spend more than two hours a week accessing company information via their mobile devices.
Workers that bring their own device (BYOD) to work are more productive, but all of those devices have the potential to introduce vulnerabilities into a network, either through the devices themselves or the apps they use. One example: Phishing threats—which are still hackers’ favorite tactic for getting into networks—are compounded by smartphones’ small screens, which avoid clutter by leaving out some information that otherwise could offer clues to an attack, such as a spoofed URL, according to Gartner’s Market Guide for Mobile Threat Defense. Other weak spots include unsecured Wi-Fi hot spots, which can be exploited for man-in-the-middle and drive-by attacks, or which can themselves be rogue hot spots designed for spoofing. Unsecured apps and those with weak cryptography can also result in data leakage. Even charging your phone in a public place can present risks. And, of course, handheld mobile devices can be lost or stolen.
Organizations aren’t blind to these threats. They do try to account for the risks of mobile computing. But in the process, they may deploy an array of overly restrictive security policies that often cancel out the productivity advantages of mobile devices. Some Enterprise Mobility Management (EMM) solutions can set compliance rules, segregate corporate data by “wrapping” individual applications (MAM), enforce encryption mandates and isolate data via virtualization, such as a Virtual Desktop Interface (VDI). But those processes can drag down the user experience. A holistic defense, on the other hand, can bring these and other steps under one roof, providing a more comprehensive approach to security while giving users a more seamless experience.
See Related: Developing an Effective Mobile Security Strategy
A holistic approach provides layered protection that addresses threats to networks, devices, points of access, apps and other features of a mobile environment. It can protect against malicious Wi-Fi networks and mobile profiles. Effective monitoring and analysis can detect both known, unpatched vulnerabilities and zero-day vulnerabilities in applications and operating systems, and mitigate them before they are exploited. It can provide a proactive defense against malware, and offers real-time response to attacks.
It includes features such as container-encrypted protection to secure contacts, emails, calendars, documents and other sources of sensitive information all in a single application, and can be deployed easily via cloud systems, whether they are on-premises, public or hybrid. A holistic solution can protect data at each step along the way, providing a ground-up defense against the full range of mobile threats. By consolidating security components into a single, comprehensive mobile threat defense solution, it provides easy management, eliminating the noise that comes from trying to harness a collection of separate solutions.
By integrating a holistic solution – often referred to as a containerized workspace, companies can enable their employees to get the most out of working in a mobile environment while providing greater protection against the risks of physical attacks, vulnerability exploits, malicious apps and network hacks. Organizations will be able to better ensure a secure work environment and employees will be able to share information without decreasing productivity. In fact, deploying a holistic mobile defense solution is one of the best, and only, ways to fully protect mobile devices without negating their inherent advantages.