With cloud-native applications and remote work, mobile devices are a modern endpoint that companies need to secure. Organizations recognize that smartphones and tablets enhance productivity in a work-from-anywhere world. Users bring their devices with them wherever they go, often downloading applications for both work and leisure. As organizations start scrutinizing the workloads that they put on these devices, they need to redefine their mobile device security.
Specifically, organizations need to consider how Mobile Threat Defense (MTD) enables them to identify risky applications, block applications, and enforce security controls.
Historically, mobile device security focused on malicious applications: ones that target jailbroken devices or try to gain root access. Organizations implemented security controls and technologies to mitigate risks arising from spyware and Trojans.
Today, organizations also need to mitigate threats arising from risky apps. Users download applications from third-party app stores, often for legitimate reasons. For example, they might need messaging apps to communicate with peers, customers, and contractors.
However, people also download other applications, such as social media apps. While these apps may not be malicious in the traditional sense, they create data protection risks. In an increasingly digital and mobile world, organizations need visibility into and control over the corporate information that these apps can access.
While third-party apps may not be malicious, they can lead to data loss and leakage. Organizations need to start asking questions such as:
For example, when looking at the most popular mobile apps:
Between installed applications and the hardware, malicious actors can obtain a plethora of sensitive information from mobile devices, including:
Depending on how the app was designed, developers can request access to specific device functions, track data, and share it with third parties. Without any formal disclosure standard, app developers may not be upfront about what they collect and how they share it.
Mobile Device Management (MDM) focuses on the known rather than the unknown. An MDM tool enables an organization to protect itself from malicious activities and identified vulnerabilities such as:
With MDM, organizations generate lists of known security problems, then manage devices to mitigate risks. For example, MDM enables organizations to:
However, as risks and threats evolve, MDM lacks the comprehensive capabilities to protect IT environments from the complex risks arising from legitimate apps. In addition, unknown threats such as zero days are complex and require a solution that leverages a multi-faceted approach to protect devices. An MDM doesn’t have this capability.
MTD enables organizations to prevent data from being sent to third-party systems on the back end. MTD enables organizations to do the following to reduce the harm from risky apps:
On the back end, organizations need to identify which apps are sending data and where that data goes. Within an ecosystem, third-party apps may:
By identifying apps that exist in their environment, organizations can mitigate data loss and leakage risks by implementing policies. MTD solves these problems by
MTD provides visibility into where and how apps communicate so organizations can customize policies according to their data security concerns. For example, organizations can use MTD to identify risky geographic locations and set policies accordingly.
In some cases, an app may be useful but pose a specific, well-defined data risk. For example, if an app sends data to high- and low-risk geographic regions, the organization may not need people to remove it entirely.
In this case, a more precise data control would be to:
MTD enables companies to take a focused approach by defining domains that are specific to a given app and then applying them to a group of devices. For example, an organization can apply different policies to employees working with federal agencies than to those working outside the federal government.
After identifying risks and setting policies, companies need to enforce them. Even though the policies can block data from being sent off the device, organizations still need to enforce policies to ensure users remove risky apps from their devices. Many organizations struggle with enforcement because it often becomes a cumbersome, manual process across multiple, disconnected systems.
Organizations using an MTD solution that integrates with their MDM tool can enforce their policies by:
With MTD, organizations eliminate the burdensome processes associated with enforcement. Through integrations and workflows, the combined MDM and MTD solutions automate the process of de-provisioning and reprovisioning access, enhancing security and reducing operational costs.
In a connected world, mitigating risks to data is increasingly complicated. Organizations need solutions that enable them to control where their data travels, no matter what device someone is using.
Zimperium Mobile Threat Defense (MTD), formerly known as zIPS, is a privacy-first mobile security solution that provides comprehensive mobile security for organizations. Zimperium protects an employee’s corporate-owned or BYOD device from advanced persistent threats without sacrificing privacy or personal data.
Zimperium MTD can help organizations identify which mobile devices have risky or banned apps by pinpointing what servers these apps are connecting to and blocking these apps and browsers from sending data off the device to the domains to which the app connects. By leveraging zero-touch activation, Zimperium MTD can automatically enforce conditional access controls as part of a zero-trust strategy, which prevents the use of enterprise apps and access to sensitive corporate data while these banned apps are installed.
Zimperium MTD is the only on-device mobile security solution that protects against the latest zero-day attacks. As the mobile attack surface expands and evolves, so does Zimperium’s dynamic on-device threat detection. Zimperium MTD detects across all four threat categories — device compromises, network attacks, phishing and content, and malicious apps.