Archival article
About the security gap you are ignoring and how to patch it with MobileIron
Service smartphones are treated as if they are still simple devices. This is all the more strange because people use their capabilities on a daily basis. It's probably all based on the assumption that a problem can't be easily solved, and dealing with it is asking for trouble. The truth is different. Mobile device security and convenient and effective management is possible. Provided you have MobileIron.
On the one hand, professionals understand the importance of mobile device security in the company, to some extent they are aware of the challenges but are not fully convinced that they can handle it. Therefore, it is better not to move it and somehow it will be, after all, up to now it has been somehow, right?
That’s why in this text we want to show that the reality is not so terrible in inches and does not bring nightmarish troubles. First of all, we won’t leave you alone with it. Second, we have the tools, and third, we know how to use them! Here’s a brief overview of MobileIron, a system we use ourselves (happily) and deploy to clients, including a large, very large insurance company operating in Poland. We immediately refute objections, implementing MobileIron makes sense already in a medium-sized company. If you have dozens of smartphones in your inventory then you already have a need for automated management of them. So don’t think it’s a toy exclusively for large organizations.
MobileIron – or what is it all about?
With changes in the way we use hardware and the increasing migration to mobile devices and thus the cloud, security priorities are also changing. IT must adapt to the requirements and needs of the rest of the company’s workforce without losing the ability to reign in and control the security of, for example, data.
Below are the 3 most common cases:
| Users’ requirements | Challenges |
|---|---|
| Have a choice of mobile device | Ensure multiple operating system management and security |
| Use personal and business applications | Find a solution to clearly separate private and business resources, including applications, in a way that guarantees the security of the organization and respects the privacy of users |
| Access to private and business data from any device (computer and smartphone) | Enable access to data in compliance with security and compliance rules |
Of course, you can try to “stiffen” to some extent the rules for the use of mobile devices in the company, but this is a method for the short term. Negative comments from employees will sooner or later end with the intervention of the vice president in charge of sales, CFO or HR. IT will be vulnerable in this situation and will be forced to “loosen” the rules. Which will have the effect of lowering the security level. A vicious circle.
We propose a slightly different approach, that is, to implement a central mobile device management system in the MobileIron edition. This is a response to the increasingly common demands of users while maintaining a higher level of security. Let’s leave aside here the basic functionalities that any MDM (Mobile Devices Management) system has and focus on what is much more important.
MobileIron AppConnect – or a virtual container for company data
The term container is conventional but it illustrates well what it is all about. The user stores the applications and data necessary for the work being done in it. No process or application outside the container can access them. This is secured by an additional password which increases the security of corporate data in case the device is stolen or lost.
AppConnect is also a Per-App VPN which means tunneled connections of applications in the container to the company’s servers. The tunnels are invoked by the application and used only by it so possible malware cannot eavesdrop on it.
Additionally, through AppConnect, an administrator can configure, upload or delete individual applications remotely and on all company devices simultaneously. Finally, AppConnect allows users to download and install applications only from the App Store native to the OS in use, in compliance with all security, authentication and policies previously put in place by administrators.
MobileIron Threat Defense – that is, spare yourself poor antiviruses
Malware targeting mobile devices is a fact of life. And this is regardless of the type of operating system. The target of the attacks are both users of devices based on Android and iOS. Therefore, the theory popular in some circles that malware is not created for Apple products is a myth. Just take a look here. What’s more, research and analytical centers indicate that for some time the amount of malware on mobile devices has begun to exceed what cybercriminals create for traditional computers.
It’s also no secret that popular antivirus programs are weak against modern malware. There are too many of them and they are too different from each other to be detected by signature databases. The spice of the case is added by the fact that already in 2012, the Chief Research Officer, one of the well-known antivirus producers, admitted in the Wired magazine that the entire antivirus sector cannot cope with the problem.
Cyber threats to mobile devices themselves can be considered on 3 levels:
- The device itself – often considered the most critical because they allow cybercriminals full control over the device, allowing them to install more of their own software turning the smartphone into their tool.
- The network – this is also a critical threat. It is often the prelude to launching a targeted cyber attack. Through a network-level cyber attack, a cybercriminal gains access to a device with the goal of infecting it with an exploit. If you even manage to fend off a network attack, you won’t be able to remove the exploits, and most often you won’t even know they’ve been added to company mobile devices.
- Applications – these are most often not targeted attacks. The chance that cybercriminals would want to execute a targeted cyberattack on your company through an app in the store is slim, and even if they did, the chance of an employee installing just that crafted app is close to zero.
In summary, protecting against cyber attacks at the device level should be number 1 when it comes to your priorities. And how does MobileIron Threat Defense do that? It offers protection on all three levels. The solution is based on so-called behavior-based machine learning which seems to be an advantage, because most providers of similar solutions put the center of gravity on detecting malicious apps. And here we can return to the effectiveness and sense of this approach, which we wrote about at the beginning of this piece. So we won’t repeat ourselves.
MobileIron – you can be a Mobile First Company!
Finally, here are some business cases that we hope will help if you are talking to management about the budget for implementing MobileIron. The solution will allow sales staff to be constantly online, even on the road, allowing secure access to data. This will enable faster and complete exchange of information, including financial information.
MobileIron is also a big nod to younger generations of employees. It may seem funny, but they make the decision to work or not to work at a given company through the prism of internal procedures, strictures and the possibility of continuous net access, among other things. After the implementation of MobileIron, it will be possible to present the organization as a Mobile First Company, i.e. a modern and millenial-friendly company.
The solution is also a response to changing conditions and ongoing technological changes allowing the company to maintain a higher level of security.