In an almost exclusively mobile world and the increased usage of mobile devices to access corporate data, cybercriminals started taking advantage of the vulnerability of such devices. As a result, cyberattacks on mobile devices have skyrocketed.
To select a suitable mobile threat defense solution for your business, you need to think about a variety of factors. We’ve talked to industry professionals to get their insight on the topic.
Michael Covington, VP of Product Strategy, Wandera
As businesses adopt a more modern workplace – by supporting remote work, encouraging mobile device use, and investing in native application experiences – it is increasingly important that MTD be used to protect assets operating outside the perimeter.
Security leaders are advised to run an MTD evaluation process and not assume that legacy endpoint protection can defend against mobile-specific attack techniques and threat vectors. Consider the following criteria when evaluating solutions:
Platform support: iOS and Android are fundamentally different platforms, and operate very distinct app ecosystems. Ensure that vendors offer the capabilities you need, specifically on the devices that are relevant to your business.
In-network protection: Mobile security is not limited to the device; mobile businesses face threats in the network, often in the form of phishing attacks, malicious downloads, and C2 exchanges. Choose an MTD solution with a network stack that mirrors the protections you want at the network edge.
Ecosystem: Only invest in an MTD solution if it can be effectively managed. Select a vendor that offers integration points with device management suites (UEM), identity providers (IDP), and security operations tooling (SIEM, SOAR, and EDR) so it fits within existing workflows.
Track record: Choose an MTD vendor with a proven track record of threat research. Review technology assessments from analysts who cover the MTD market.
Patrick Harr, CEO, SlashNext
Human hacking is rising exponentially in number of attacks, channels under attack, and sophistication. Meanwhile, especially in remote work settings, employees are using business- and employee-owned devices for a mix of business and personal – which makes the mobile threat landscape one of the biggest security vulnerabilities there is.
An organization’s choice of a mobile threat defense solution should consider three important factors:
Endpoint, on-device protection
It’s critical to have a solution that can operate on devices. Mobile devices – whether company or employee owned – are the new endpoints in any network. The most effective security against human hacking starts at the endpoint.
Protection for all channels
Today’s phishing attacks are highly sophisticated, impossible to spot attacks coming through hijacked social media channels, SMiShing, rogue browser extensions, and even collaboration channels (like Slack, Zoom, and Teams). To be effective your mobile threat defense needs to guard against attacks in any communications channel.
Protect employee privacy and device functionality
Employees aren’t going to want or use protection on their mobile devices if the solution affects device performance or their privacy. A solution that can protect against and analyze attacks on devices without requiring data to leave devices – means employers cannot see personal activities an employee conducts on that device, thereby protecting employee privacy.