It goes without saying that in IT security, there’s an ever-looming threat of malware. Threats come in all shapes and sizes, and they can cause serious damage if left unaddressed.

That’s where mobile threat prevention (MTP) comes into play. There isn’t just one app that will take care of everything. In most cases, a complete solution is required to manage and secure devices, users, apps and networks.

Mobile Threats Come in All Shapes and Sizes

Malware threats come without warning and can wreak havoc on an environment. If a user’s device or information is compromised, he or she may have to wait for IT to rectify the issue. Part of the waiting process is determining which type of threat is causing harm.

Read the white paper: Mobile is the New Playground for Thieves

Below are some common threat vectors attackers use to infiltrate corporate networks:

  • Ransomware, which takes control of devices, data and resources, and blocks access;
  • SMS listeners, which monitor text message activity and collect personal information;
  • Phishing attacks, or attempts to gather sensitive information by posing as a trusted source;
  • Rogue Wi-Fi, or malicious hot spots that are actually unsecured Wi-Fi networks; and
  • Man-in-the-Middle (MitM) attacks, in which threat actors eavesdrop on communications to capture data or modify messages to steal information.

Embracing a Broad Approach to Mobile Threat Prevention

Mobile threat prevention helps organizations protect devices, apps, users and content from malicious attacks. Security teams can combat these threats by leveraging an app that scans devices and configurations within the network, or by setting up security protocols in case malware is present on the network. The best strategy is to be proactive so security professionals can swiftly defang malware that finds its way onto a corporate device or network.

The main advantage of mobile threat prevention is that it allows organizations to detect, analyze and remediate malware on mobile devices. MTP tools provide advanced jailbreak (iOS), root (Android) and hider detection with over-the-air (OTA) updates for security definitions pulled from a continuously updated database. Administrators can set security policies and compliance rules to automate remediation, improving the security of both personal and corporate-owned devices.

Once the threat has been determined, the security team must stop it in its tracks before it spreads. Ideally, the team could use just one app to address all threats, but a single-pronged approach can only cover so much ground. It’s best to take a broad approach to device, user and network security.

Don’t Fall for Snake Oil

Organizations need a unified endpoint management (UEM) solution that offers mobile threat management. Rather than offering just one application to take care of a fraction of threats, a UEM tool can monitor devices and how they report to the environment. If anything deemed malicious is present, the administrator is notified to take the necessary precautions.

When considering a UEM solution with MTP, security leaders should look for tools that enable them to:

  • Use a near real-time compliance rules engine to automate remediation.
  • Alert users when malware is detected and automatically uninstall infected apps.
  • View device threat attributes in the console and review audit history.
  • Use detection logic updated over the air without app updates.

IBM MaaS360 with Watson offers MTP that integrates with IBM Trusteer and leverages cognitive capabilities to alert the administrator of existing and potential threats. This way, the admin can rest easy knowing that the network of devices, users, apps and documents is secured and threats are minimized.
