When the iPhone was first introduced, Steve Jobs described it as “way smarter than any mobile device has ever been and super easy to use.” It’s no wonder that millions of iOS devices have since been deployed within the workplace, packed full of apps that fuel everyday communications, collaboration and productivity use cases.

Over time, organizations have not only grown accustomed to using iPhones and iPads for day-to-day processes, they’ve become dependent on them. With this in mind, IT and security leaders in charge of enabling productivity while securing smartphones and tablets must embrace these devices’ advantages responsibly. Adding to the complexity, they must also find a way to achieve security without disrupting an otherwise positive user experience that is exemplified by anytime, anywhere accessibility.

Swing for Visibility Into Mobile Activity

When considering the number of iOS devices that are being put to work, the various ways they’re being used, how far apart they’re located, and how they’re accessing a network, IT professionals have a lot to worry about. For this reason, it’s crucial to seek out an appropriate level of visibility. Optimally, an all-in-one display of this valuable information allows IT teams to understand user behavior on their devices — expanding beyond traditional mobile device management (MDM). For example, are employees using applications that could pose a potential threat to your organization?

When it comes to user app behavior, ask yourself: Do you have a strong understanding of the apps your mobile employees use most frequently? If you don’t have a way to assess the activity within your environment, it could be an app you know about or one you’ve never heard of. If it’s the latter, it would be good to know which users have the app and what level of activity has taken place.

Depending on what you uncover, the app might be completely normal — but there’s always a chance it’s not. Risky users might be using encryption to cover up their browsing history. Without seeing domain details for encrypted traffic, you have no way of knowing. Similarly, apps might be establishing local IP address connections on ephemeral ports. If that’s the case, and the device has corporate data on it, there’s a risk that other endpoints on the network could connect to it and swipe the proprietary data.

Strike With Control Over Risky User Behavior

Beyond visibility, IT professionals need a way to intervene at the most pivotal moments. If someone means to type in one URL, but ends up typing in another, are you certain the domain they’re navigating to is safe? Threat actors are aware of user error, and they commonly set up malicious sites to take advantage of those who may not check their spelling before they hit enter. That’s why it’s important to not only see device-specific web navigation activity, but to be able to act before problems arise.

To avoid mobile mishaps like this, IT and security leaders should invest in the appropriate threat defense capabilities to support the modern enterprise. No matter where your users are, what network they’re connected through or what they’re looking to do, it should be simple to take control if need be — whether you’re blocking, allowing or proxying traffic.

The Best of Both Worlds for Protecting iOS Devices

Built hand-in-hand with Apple, the Cisco Security Connector introduces a more granular level of visibility and control into corporate-owned iOS devices. This cloud-managed solution ensures that employees are protected and compliant at all times and wherever they go, and it can now be deployed and managed via IBM MaaS360 with Watson.

IT and security leaders can take advantage of this valuable integration by visiting the IBM Security App Exchange and downloading the Cisco Security Connector for MaaS360. To learn more about the IBM Security and Cisco partnership, visit the official alliance page.

Learn how Cisco and IBM are taking mobile security to the next level

More from Endpoint

Combining EPP and EDR tools can boost your endpoint security

6 min read - Endpoint protection platform (EPP) and endpoint detection and response (EDR) tools are two security products commonly used to protect endpoint systems from threats. EPP is a comprehensive security solution that provides a range of features to detect and prevent threats to endpoint devices. At the same time, EDR is specifically designed to monitor, detect and respond to endpoint threats in real-time. EPP and EDR have some similarities, as they both aim to protect endpoints from threats, but they also have…

The needs of a modernized SOC for hybrid cloud

5 min read - Cybersecurity has made a lot of progress over the last ten years. Improved standards (e.g., MITRE), threat intelligence, processes and technology have significantly helped improve visibility, automate information gathering (SOAR) and many manual tasks. Additionally, new analytics (UEBA/SIEM) and endpoint (EDR) technologies can detect and often stop entire classes of threats. Now we are seeing the emergence of technologies such as attack surface management (ASM), which are starting to help organisations get more proactive and focus their efforts for maximum…

X-Force identifies vulnerability in IoT platform

4 min read - The last decade has seen an explosion of IoT devices across a multitude of industries. With that rise has come the need for centralized systems to perform data collection and device management, commonly called IoT Platforms. One such platform, ThingsBoard, was the recent subject of research by IBM Security X-Force. While there has been a lot of discussion around the security of IoT devices themselves, there is far less conversation around the security of the platforms these devices connect with.…

X-Force prevents zero day from going anywhere

8 min read - This blog was made possible through contributions from Fred Chidsey and Joseph Lozowski. The 2023 X-Force Threat Intelligence Index shows that vulnerability discovery has rapidly increased year-over-year and according to X-Force’s cumulative vulnerability and exploit database, only 3% of vulnerabilities are associated with a zero day. X-Force often observes zero-day exploitation on Internet-facing systems as a vector for initial access however, X-Force has also observed zero-day attacks leveraged by attackers to accomplish their goals and objectives after initial access was…