Everyone else had already left for the day, but the Apprentice felt like his day was just beginning. He knew his internship with the IT department at Wizard, Inc. would be a challenge, but he never expected how challenging his final project — enterprise mobility management (EMM) — would be. The chief information officer (CIO) tasked him with securing all devices used for business purposes. If he could prove himself, maybe he’d get a job offer when this was all said and done. Fingers crossed.

The Apprentice’s Enterprise Mobility Management Challenge

But he was getting ahead of himself. First, he had to deal with the task at hand. There were so many devices of all kinds in use, and he needed to get a handle on every single one. It was clear that there were two cauldrons of users and devices: corporate-owned and employee-owned. The corporate-owned devices were already enrolled and managed, but their security policies didn’t seem to be set up correctly. Where to start?

The Apprentice turned to the company-issued mobile phones first. “A devicewide six-digit passcode strategy should do it,” he said to himself. Things were feeling better already. But he was getting ahead of himself again — what about those employee devices? He knew that employees had complained that Wizard, Inc. may be taking too much control or snooping on their personal devices. Nobody wants an employer to have access to personal pictures or see what apps they have installed.

He needed a container solution in which user privacy was protected and the password strategy was only for corporate apps — that’s it! In other words, he needed a password for apps instead of the device itself. This job offer was looking more and more like a reality. The Apprentice was an enterprise mobility management wizard! He was about to press send on an email to the CIO to tout his genius, when he realized a brutal truth: There was still more work to be done. Lots more.

Securing Rogue Devices

Rogue devices of some kind were on the network. These devices weren’t enrolled or protected with corporate IT policies. “Oh no,” he said aloud. “These are devices being used at home!” Hundreds of tablets, laptops and personal phones were accessing corporate data and were completely unprotected. It was a nightmare! And some of them were running an even greater risk: They weren’t compliant with IT’s minimum system requirements. Outdated operating systems with known vulnerabilities — what an absolute mess.

The Apprentice got up from his seat and covered his face with his hands. He was in over his head. He thought he had everything secure, when the exact opposite was true. How could he lock down these devices without threatening employee privacy? How would he ever get a job offer now?

He should have understood the enterprise mobility management risks from the outset and made sure the company’s defenses were protecting the right devices. It’s better to start out with a unified endpoint strategy than to struggle after the fact to control a wide range of insecure devices. There’s no shortcut to achieving sound mobile security. Why wasn’t that clearer in the beginning?

UEM Is Like Magic

The Apprentice acted immediately. He imposed an overarching unified endpoint management (UEM) strategy so that all the devices were under control. He was able to set up granular policies that detected these rogue devices and automatically blocked them or forced enrollment into UEM, ensuring that the devices could be seen and protected prior to accessing corporate resources.

IBM MaaS360 with Watson is great for teams like his that are strapped too thin and don’t have the time to babysit every device. With the click of a button, a trusted advisor could guide him through any process surrounding enterprise mobility management. The Apprentice breathed a sigh of relief. It was almost like, well, magic.

Learn more: Read the Unified Endpoint Management for Dummies eBook
