Enterprise security risk management is an increasingly complex job in the mobile world. As I discussed in my previous blog, risks can come at you from a wide variety of directions: devices, apps and even user behaviors that inadvertently open employees (and your entire organization) to unexpected threats.
Unified endpoint management (UEM) technology has made enormous strides in bringing these threats under control. As this sector evolves, market leaders now incorporate a multidimensional approach to mobile security that necessitates the relationship between mobile endpoint security technologies and more traditional mobility management.
Comprehensive Mobile Security
Data is the key to a successful mobile security program. The only way a mobile security product is going to be successful is if it has widespread information across the Spectrum of Mobile Risk. It also needs to have behavioral anomaly detection and other technologies in place to analyze this information to:
- Discover previously unknown threats,
- Alert end users on identified threats and
- Allow enterprises to set policies based on user behaviors or device configurations that may put sensitive enterprise data at risk.
UEM technology is then able to take signals from the mobile security product and facilitate remediation.
For example, if a device encounters a piece of mobile malware or a device that accesses a certain set of privileges that the enterprise deems risky, that should raise a red flag, depending on your enterprise’s risk tolerance. A well-equipped UEM platform should then automate remediation actions—such as cutting off that device’s access to the corporate file system — until the threat has been addressed and resolved.
Protecting Against More Than Just Threats
Given the complexity of enterprise mobile risk, mobile threat defense solutions should detect more than just immediate threats. Such systems need to detect risky apps, network issues, jailbroken phones, out-of-date operating systems, insecure device configurations and suspicious user behavior.
The Lookout Mobile Risk Matrix lays out the approach to risk assessment in the mobile world, and it’s a useful guide to assessing the various vectors and threats that a comprehensive mobile security solution—integrating mobile threat defense and mobility management technology—should be able to address.
As I discussed in my previous blog, when your enterprise considers app behaviors and configurations, you may find that there are a large number of apps with default permissions that might pose a risk. Here’s what the Lookout Security Intelligence team found on enterprise iOS devices protected by Lookout:
- 30% of apps access contact records
- 30% of apps access GPS
- 31% of apps access the calendar
- 39% of apps access the microphone
- 75% of apps access the cameras
This should be a clear warning sign that mobile devices, including iOS, present a risk of data leakage. Exactly which combination of apps and behaviors you will consider risky depends on your organizational needs and policies. For instance, if a healthcare provider allows doctors to use mobile devices with HIPAA-protected patient records, then apps that access contact records must be regulated.
What Enterprises Must Do Now
The key is to mitigate risk via custom policies that protect the most critical data for your company, while alerting you and automatically remediating the kinds of threats, vulnerabilities and behaviors that present the greatest risk to your particular case.
Start this process by asking two key questions of your security organization:
- How you are measuring the risk from each element of the matrix in your current environment?
- Then, how you are controlling for that element of your mobile risk?
Combining UEM with Lookout gives you a comprehensive enterprise mobile security approach that adds endpoint protection on top of centralized control and policies. UEM provides the ability to manage devices (and remotely wipe them when necessary), separate personal and enterprise data, control access to enterprise apps, manage authentication and control access to content.
Meanwhile, Lookout Mobile Endpoint Security provides device-level protection against risks, whether they are app-based, network-based, device-based, web- or content- based. It also lets you set custom remediation policies across different types of threats and risks, and integrates seamlessly with UEM.
Enterprises need to understand the variety of vectors and components of risk that can threaten corporate networks and data via mobile devices to mitigate data compromise and avoid risking compliance. For more information on how to conduct that analysis, download our report on the Spectrum of Mobile Risk.
As chief product officer at Lookout, Santosh Krishnan oversees all Lookout’s predictive security solutions that protect individuals and enterprises alike from mobile attacks. Santosh is responsible for the ongoing development of Lookout Mobile Endpoint Security, providing enterprises with comprehensive risk management across iOS and Android devices to protect against app, network and device-based threats while providing visibility and control over data leakage. With a background in both product management and venture capital innovation, he and his team focus on how to protect against current security threats, while creating security to better prepare for the future.
Lookout is a member of the VMware Mobile Security Alliance. Learn more: