Does Anyone Doubt Mobile Security Should Be a Strategic Initiative?

According to eMarketer, the global smartphone audience surpassed the 1 billion mark in 2012 and was projected to total 1.75 billion in 2014. Meanwhile, Gartner projects more than 268 billion mobile app downloads will have taken place by 2017. As the pace and adoption of mobile computing grows, so do the security risks and threats. Cybercriminals are practical actors; they follow the money and the path of least resistance. The mobile platform is proving to be a choice target for malware where double-digit or even triple-digit growth has been reported. The malware is looking to steal sensitive user and enterprise information. So what should enterprises do?

Start by Securing the Device and the Data on the Device, but Don’t Stop There

A key concern for enterprises is data leakage. Are your employees using their mobile devices as a conduit to share and exchange enterprise data? The best and easiest way to address this concern is to manage employee devices via bring-your-own-device policies. However, there is always a trade-off between security and utility. You need to ensure your mobile device management solution provides flexibility in terms of policy definition and enforcement. For example, could a stronger device password be required? Do you have a secure way to share enterprise content and safely collaborate with fellow employees? Could you selectively wipe enterprise data from a compromised or at-risk device but ensure personal information is not removed? As enterprises gain control and confidence over securing devices and data, attention must be paid to the mobile applications on the device.

Your Mobile Applications Live in a Hostile World

Enterprises have little to no control regarding the installation of their mobile applications. Chief information officers and chief information security officers agree that their mobile applications are installed on at-risk devices. The risk may be introduced by mobile malware or be on devices that have been rooted or jailbroken. Rooted or jailbroken devices make mobile security and mobile operating system security ineffective. Therefore, it is incumbent upon each organization to ensure all sensitive mobile application data is encrypted. However, once you build a secure application, you must keep it secure. Since mobile applications are in the wild, they can be easily reverse engineered. Organizations that have sensitive intellectual property or want to prevent having their mobile apps repackaged with malware should first harden the app prior to its release.

Read the white paper: Secure the Mobile Enterprise

Mobile Authentication and Access Policies Must Adapt Based on Security Risk

Mobile users have zero tolerance when it comes to consumability. There is an expectation that mobile applications will be easy to use. When secure access management requirements collide with ease-of-use concerns, there must be a flexible and adaptable approach to secure authentication. Organizations cannot apply the same stringent access control policies for every application, yet they need to detect and prevent fraudulent transactions. What is needed is an adaptive approach that considers context. For example, is a user attempting a bank transaction from an unrecognized device in a historically different location? In this scenario, a one-time password might be sent to the user to enforce stronger authentication. The authentication requirements must adapt based on context.

The IBM Mobile Security Framework

IBM has developed its Mobile Security Framework to provide a holistic approach to mobile security.

Mobile security risk is prevalent on the device when it comes to protecting content and data, safeguarding applications, managing secure access and detecting fraudulent transactions. Organizations require a holistic and integrated approach to managing mobile security risk. A collection of point products does not provide an end-to-end solution. A holistic approach to mobile security should address all the risks and the unique interdependencies between them.

More from Endpoint

Combining EPP and EDR tools can boost your endpoint security

6 min read - Endpoint protection platform (EPP) and endpoint detection and response (EDR) tools are two security products commonly used to protect endpoint systems from threats. EPP is a comprehensive security solution that provides a range of features to detect and prevent threats to endpoint devices. At the same time, EDR is specifically designed to monitor, detect and respond to endpoint threats in real-time. EPP and EDR have some similarities, as they both aim to protect endpoints from threats, but they also have…

The needs of a modernized SOC for hybrid cloud

5 min read - Cybersecurity has made a lot of progress over the last ten years. Improved standards (e.g., MITRE), threat intelligence, processes and technology have significantly helped improve visibility, automate information gathering (SOAR) and many manual tasks. Additionally, new analytics (UEBA/SIEM) and endpoint (EDR) technologies can detect and often stop entire classes of threats. Now we are seeing the emergence of technologies such as attack surface management (ASM), which are starting to help organisations get more proactive and focus their efforts for maximum…

X-Force identifies vulnerability in IoT platform

4 min read - The last decade has seen an explosion of IoT devices across a multitude of industries. With that rise has come the need for centralized systems to perform data collection and device management, commonly called IoT Platforms. One such platform, ThingsBoard, was the recent subject of research by IBM Security X-Force. While there has been a lot of discussion around the security of IoT devices themselves, there is far less conversation around the security of the platforms these devices connect with.…

X-Force prevents zero day from going anywhere

8 min read - This blog was made possible through contributions from Fred Chidsey and Joseph Lozowski. The 2023 X-Force Threat Intelligence Index shows that vulnerability discovery has rapidly increased year-over-year and according to X-Force’s cumulative vulnerability and exploit database, only 3% of vulnerabilities are associated with a zero day. X-Force often observes zero-day exploitation on Internet-facing systems as a vector for initial access however, X-Force has also observed zero-day attacks leveraged by attackers to accomplish their goals and objectives after initial access was…