It’s too early to say there’s a “right” or “wrong” way to fight mobile-specific malware. Chijiiwa says he hasn’t encountered other examples of cloud-based protection for mobile devices, but thinks it can offer advantages to certain organizations. “It definitely helps an organization that perhaps doesn’t have the resources to tackle the first set of security issues that propagate within the Internet. So, definitely that support is somewhat unique.”
Enterprises should get serious about making their mobile security air tight, says a Canadian security consultant. Because hackers are certainly serious about finding holes in it.
Takeaki Chijiiwa, a principal consultant at Security Compass Inc., a Toronto-based security firm, works for a company that tries to find these holes before the “black hat” hackers do. Thankfully, he says, many of his enterprise clients are coming to the realization that a mobile security strategy should be a top priority. But those that aren’t paying attention should realize how the bad guys are viewing things.
The Bring-Your-Own-Device problem, of course, isn’t a problem for hackers, he says, but rather a golden opportunity to strangle enterprise-connected mobile devices in the crib. Securing smart phones and tablets present a new learning challenge for enterprises, he says, and hackers are keen to use the devices as breach point before the companies get wise. As the number of devices grow, so too do the number of targets.
“I think the black hat community recognizes this and wants to take advantage of the early adoption,” says Chijiiwa.
Enterprises should put a high reliance on Mobile Device Management (MDM), which can control and monitor Android, iPhone and BlackBerry devices that access company data, he says. Without MDM, he warns, mobile devices are “easily targeted as entry points for a malicious user.”
According to Sourcefire Inc., a company that develops enterprise security software, there can be a disconnect in the perception of how wide of a threat BYOD poses, depending on who you ask.
“One of the most fascinating statistics, I think, is according to surveys, 40 per cent of the IT decision-makers say that their employees have access from employee-owned devices,” says Shawn MacCormack, regional area manager at SourceFire, “whereas when you interview the employees, 80 per cent say they have access to their corporate information from their own devices.”
His company has recently released a version of their flagship program, FireAMP, a cloud-based anti-malware platform that uses “big data” analytics, for Android devices (FireAMP Mobile). It examines traffic on the network, analyzes it for suspicious content and then protects the device by controlling mobile app usage via whitelists and blacklists.
One of the benefits of cloud-based management and protection of mobile devices, most of which don’t have the processing power or capacity for large signature files, is that only a lightweight “connector” needs to be installed onto the device itself, MacCormack adds. “We’re not taxing the mobile device more than need be.”