Mobile device security explained

October 26, 2020 | Nick Cavalancia

This blog was written by a third party author.

With recent global health events resulting in a surprise shift to either a completely remote or a hybrid remote workforce for many organizations, the need to leverage mobile devices as work endpoints has grown significantly. This has created challenges for IT both in managing a wide range of devices and in securing them in a way that achieves corporate security objectives and governance.

With a majority of organizations reporting being the victim of a successful endpoint attack in a recent Ponemon Institute study, it’s imperative that organizations secure these mobile devices and their access to corporate networks, systems, applications, and data. This is the basis for implementing mobile device security.

What is mobile device security? 

Mobile device security refers to the protection of critical, sensitive, and otherwise valuable data that either exists on or is transmitted to/from a mobile device, including smartphones and tablets. And because mobile devices are not necessarily corporate-owned, the entirety of the BYOD movement can be included.

This is accomplished using a number of solutions – used either individually or in concert – to create an environment where a consistent level of mobile device security is established and maintained, regardless of the device operating system and its sometimes limiting capabilities around conformance to organizational security needs.

Securing mobile devices is usually achieved using one or more solutions that include:

  • Unified Endpoint Management (UEM) – Central visibility into and management of devices regardless of operating system is critical. This should include both your traditional endpoint OSes like Windows 10 and macOS, as well as mobile OSes including iOS and Android. UEM solutions unify the application of configurations, management profiles, device compliance, and data protection. Customers have a single view of multidevice users, enhancing the effectiveness of end-user support and gathering detailed workplace analytics. These solutions act as a coordination point to orchestrate the activities of related endpoint technologies such as identity services and security infrastructure.
  • Mobile Threat Defense (MTD) – Mobile devices face unique threats due to the form factor, but they too are important endpoints that need to be protected. MTD can help protect against these unique mobile threat vectors on smartphones and tablets including device, application, network, and social engineering attacks such as phishing.
  • UEM integrated with MTD – By integrating the MTD solution into your UEM solution, this powerful combination can help you accomplish your security policy enforcement, allow for offline detection of attacks when the mobile device is not connected to the internet, and have automated remediation measures taken if malicious activity is detected on the device.

The use of such solutions helps to achieve a consistent baseline of security for corporate-owned devices.

BYOD and other mobile security concerns 

In many cases, the only mobile device accessible to the remote worker is a personal device. To allow these personal devices to access corporate information, there are management and security policies that should still be enforced.

Unified endpoint management (UEM) plays a vital role in helping organizations establish a modern BYOD security stance. Effective UEM maintains user experience for employees regardless of device ownership, while enforcing BYOD policy.

Ultimately, UEM makes it possible for organizations to devise a more flexible and enforceable BYOD policy. An MTD solution will help protect against mobile threat vectors even on BYOD devices. And by integrating the UEM solution with MTD, you can provide the same automated remediation capabilities to protect your corporate data on a BYOD device as on a corporate-owned device if a threat occurs.

Another useful resource a business can utilize when it comes to BYOD is a virtual workspace. The use of a virtual controlled environment in which all corporate applications and data reside is often an effective means by which to extend the reach of the company’s secure operations down to a personal device that is uncontrolled and unable to be secured by the organization.

How does mobile device security support wireless security?

One of the other challenges with a remote workforce is the insecure wireless connectivity used by so many. Even when working from home on a personal WiFi network, the connection between the mobile device and the corporate resource is far from being verifiably secure. Mobile device security solutions can assist in providing security to wireless networks:

  • UEM and per-app or device-wide VPN – A virtual private network creates a secure encrypted connection over the Internet from the mobile device to the organization’s network. This ensures that any data and communications across this connection are securely transmitted and prevents unauthorized monitoring of or listening to the traffic, allowing the remote worker to securely conduct business from their mobile device. These VPNs can be administered on a per-app or device-wide basis.
  • MTD – But even with a VPN solution, wireless traffic could still be intercepted with a man-in-the-middle attack. An MTD solution helps protect the network threat vector and can help detect these types of attacks and other unknown threats.

And once again, when UEM is integrated with MTD, businesses can take automated remediation steps and enforce their security policies if malicious activity occurs on a wireless network.

Benefits of mobile device security

The use of solutions to achieve the goal of securing both personal and organization-owned devices provides the organization with a number of benefits to their cybersecurity initiatives.  The specific devices used are known to IT and security teams, are configured and managed when possible, allow for security policies to be enforced, and limit access to organizational applications, resources, and data. 

The end result is a balance between allowing the remote worker to be productive no matter what device is in use and still maintaining corporate security standards.

About the Author: Nick Cavalancia

Nick Cavalancia is a Microsoft Cloud and Datacenter MVP, has over 25 years of enterprise IT experience, is an accomplished consultant, speaker, trainer, writer, and columnist, and has achieved industry certifications including MCSE, MCT, Master CNE, Master CNI. Nick regularly speaks, writes and blogs for some of the most recognized tech companies today on topics including cybersecurity, cloud adoption, business continuity, and compliance.
