Does Anyone Doubt Mobile Security Should Be a Strategic Initiative?

According to eMarketer, the global smartphone audience surpassed the 1 billion mark in 2012 and was projected to total 1.75 billion in 2014. Meanwhile, Gartner projects more than 268 billion mobile app downloads will have taken place by 2017. As the pace and adoption of mobile computing grows, so do the security risks and threats. Cybercriminals are practical actors; they follow the money and the path of least resistance. The mobile platform is proving to be a choice target for malware where double-digit or even triple-digit growth has been reported. The malware is looking to steal sensitive user and enterprise information. So what should enterprises do?

Start by Securing the Device and the Data on the Device, but Don’t Stop There

A key concern for enterprises is data leakage. Are your employees using their mobile devices as a conduit to share and exchange enterprise data? The best and easiest way to address this concern is to manage employee devices via bring-your-own-device policies. However, there is always a trade-off between security and utility. You need to ensure your mobile device management solution provides flexibility in terms of policy definition and enforcement. For example, could a stronger device password be required? Do you have a secure way to share enterprise content and safely collaborate with fellow employees? Could you selectively wipe enterprise data from a compromised or at-risk device but ensure personal information is not removed? As enterprises gain control and confidence over securing devices and data, attention must be paid to the mobile applications on the device.

Your Mobile Applications Live in a Hostile World

Enterprises have little to no control regarding the installation of their mobile applications. Chief information officers and chief information security officers agree that their mobile applications are installed on at-risk devices. The risk may be introduced by mobile malware or be on devices that have been rooted or jailbroken. Rooted or jailbroken devices make mobile security and mobile operating system security ineffective. Therefore, it is incumbent upon each organization to ensure all sensitive mobile application data is encrypted. However, once you build a secure application, you must keep it secure. Since mobile applications are in the wild, they can be easily reverse engineered. Organizations that have sensitive intellectual property or want to prevent having their mobile apps repackaged with malware should first harden the app prior to its release.

Read the white paper: Secure the Mobile Enterprise

Mobile Authentication and Access Policies Must Adapt Based on Security Risk

Mobile users have zero tolerance when it comes to consumability. There is an expectation that mobile applications will be easy to use. When secure access management requirements collide with ease-of-use concerns, there must be a flexible and adaptable approach to secure authentication. Organizations cannot apply the same stringent access control policies for every application, yet they need to detect and prevent fraudulent transactions. What is needed is an adaptive approach that considers context. For example, is a user attempting a bank transaction from an unrecognized device in a historically different location? In this scenario, a one-time password might be sent to the user to enforce stronger authentication. The authentication requirements must adapt based on context.

The IBM Mobile Security Framework

IBM has developed its Mobile Security Framework to provide a holistic approach to mobile security.

Mobile security risk is prevalent on the device when it comes to protecting content and data, safeguarding applications, managing secure access and detecting fraudulent transactions. Organizations require a holistic and integrated approach to managing mobile security risk. A collection of point products does not provide an end-to-end solution. A holistic approach to mobile security should address all the risks and the unique interdependencies between them.

More from Endpoint

X-Force Prevents Zero Day from Going Anywhere

This blog was made possible through contributions from Fred Chidsey and Joseph Lozowski. The X-Force Vulnerability and Exploit Database shows that the number of zero days being released each year is on the rise, but X-Force has observed that only a few of these zero days are rapidly adopted by cyber criminals each year. While every zero day is important and organizations should still devote efforts to patching zero days once a patch is released, there are characteristics of certain…

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development required to craft a weaponized exploit has increased. This is especially relevant for memory corruption vulnerabilities.Figure 1 — Exploitation timelineHowever, with the addition of new features (and memory-unsafe C code) in the Windows 11 kernel, ripe new attack surfaces can…

When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule

In February 2023, X-Force posted a blog entitled “Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers” that details the capabilities of a sample attributed to the Lazarus group leveraged to impair visibility of the malware’s operations. This blog will not rehash analysis of the Lazarus malware sample or Event Tracing for Windows (ETW) as that has been previously covered in the X-Force blog post. This blog will focus on highlighting the opportunities for detection of the FudModule within the…

Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space

View Part 1, Introduction to New Space, and Part 2, Cybersecurity Threats in New Space, in this series. As we see in the previous article of this series discussing the cybersecurity threats in the New Space, space technology is advancing at an unprecedented rate — with new technologies being launched into orbit at an increasingly rapid pace. The need to ensure the security and safety of these technologies has never been more pressing. So, let’s discover a range of measures…