Nmedia - Fotolia
Users want the ability to work from anywhere, but there are numerous threats and vulnerabilities associated with mobile devices that create tangible risks for many organizations.
Mobile threat defense tools complement enterprise mobility management (EMM) and unified endpoint management (UEM) tools to help IT lock down mobile devices and ensure they aren't compromised.
How does mobile endpoint security differ from desktop security?
Mobile OSes, such as Apple iOS and Google Android, do have some inherent security advantages over desktops based on their architectures, which include application sandboxing, inter-app communication protections and application permissions. Mobile apps are centralized via app stores and receive greater scrutiny than desktop applications, which end users can download easily from a browser.
Despite these advantages, mobile security still faces some significant challenges. Mobile devices may contain known vulnerabilities in unpatched apps and mobile OSes that IT must address. Mobile devices also may contain unknown vulnerabilities that IT missed during internal app security assessments. Device jailbreaking and rooting can also facilitate malware infections.
To protect corporate data, IT should deploy additional protections and risk mitigation. Mobile threat defense tools offer a collection of utilities that can address these mobile security concerns.
What can mobile threat defense tools do?
Mobile threat defense tools can analyze all of an organization's mobile devices to look for misconfigurations, such as outdated OS and patch levels, encryption status, password and screen timeout requirements, and enabled developer and debugging modes. They can also test for any devices that hackers may have jailbroken or rooted.
These security controls function at the device level, but there are also app-level defenses that IT can enable, such as app permission reviews, code analysis and app resource usage monitoring, for in use mobile applications. Mobile threat defense tools can also look for security concerns at the network level by monitoring for man-in-the-middle attacks and anomalous background activity that results in data moving to and from a device.
IT can implement these mobile threat defense controls via stand-alone apps or integrations with EMM or UEM tools that provide enterprise-level visibility and control.
What mobile threat defense tools should IT consider?
The following vendors are leaders in the mobile threat defense tool market and may be worth a look for organizations that want a high level of control over mobile threats to their business.
Lookout Mobile Endpoint Security
Lookout is a long-time leader in the mobile security software market, and it offers Mobile Endpoint Security as a mobile threat defense tool. Mobile Endpoint Security monitors for traditional malware and device misconfigurations, risky app behaviors, host certificate manipulation, and Secure Sockets Layer and Transport Layer Security exploits. One of this tool's standout features is the optional integration with its phishing and content protection tools to help IT manage those aspects of mobile user exploits.
Symantec Endpoint Protection Mobile
Symantec is a cloud-based leader in the mobile threat defense market thanks to the Symantec Global Intelligence Network, a threat intelligence network that Symantec runs. This network analyzes the data Symantec collects from its customers to improve endpoint security. Endpoint Protection Mobile also offers broad integration with Symantec's Cloud Access Security Broker and data loss prevention tools, UEM and EMM tools, and numerous security information and event management tools.
Wandera Mobile Threat Defense
Wandera is a lesser-known vendor in the mobile threat defense market, but its Mobile Threat Defense tool is a worthy option nonetheless. Wandera enables IT to easily manage both BYOD smartphones and corporate-issued devices. Wandera Mobile Threat Defense also integrates with UEM products from major vendors, such as Citrix, IBM and MobileIron.
Additional mobile threat defense tools include Better Mobile Security, Pradeo Security Mobile Threat Defense, Zimperium Mobile Threat Defense, Webroot SecureAnywhere and Malwarebytes Endpoint Protection.
When does an organization need a mobile threat defense tool?
Mobile threat defense may not be necessary in every organization. After an internal audit of mobile security tools and policies, organizations may find that the complexity of its mobility management tools, systems and practices is causing the biggest issues rather than some major external threat.
For optimal mobile security, IT should deploy the most necessary controls and nothing more. Modern mobile devices that run the latest mobile OSes are highly resilient to mobile threats, but they are not immune. IT can often prevent these threats by addressing simple oversights, such as prohibiting end users from making security decisions.