The Evolving Challenges of Mobile Security

A year ago, a conversation about the state of the art of mobile threat defense (MTD) would have included the ability to identify attacks across the various threat vectors – apps, networks, vulnerabilities – and, more importantly, the ability to proactively protect sensitive information, wherever it resides. Remarkably, most MTD solutions had not made much headway on the protection front, but eventually, it will be expected of any solution worth consideration.

Meanwhile, the bad guys have continued to launch more creative attacks while even well-meaning users put data at risk every day simply by using their devices the way they were intended – connecting to networks, installing apps, and yes, even occasionally being behind on their security patches. So where does technology need to go from there? You can always make existing security better, of course. But there are more things that hadn’t even been considered a year ago, but soon will be essential.

Let’s start with those security enhancements. A dizzying array of new technologies have evolved for both inspecting for mobile risks and protecting organizations from them. This includes new core technologies that may be used for multiple detections and protections, such as cross-platform network defense and countermeasures, or xNDC. Here are just a few more capabilities that mobile security specialists are starting to demand:

• Phishing – protection against phishing URLs and malicious domains.
• Secure DNS – ensures mobile traffic is encrypted through application of the secure DNS of choice.
• Router analysis – better detection of compromised routers by detection of untrusted DNS servers.
• Content manipulation classification – smarter detections of content manipulation to detect more granular variations in content patterns, allowing more accurate risk scoring.
• Custom alerts – a secure system to be used for custom security alerts that go directly to users, bypassing cumbersome and unreliable emails.
• Scam phone calls – help users to be more productive by blocking scam phone calls.

What about the apps? The term malware has been ubiquitous in the security space for some time, but we have learned that apps do not have to be malicious to put your sensitive data at risk. The mobile app reputation service (MARS) industry began to evolve around this theory, and it is clear now that this is an essential element of mobile security. MTD solutions should clearly have this functionality built in as part of the core product, and not require customers to purchase separate, unintegrated technology.

Finally, enterprises are starting to realize that the best overall defense of their systems and sensitive data comes from a coordinated and integrated application of multiple technologies. To that end, a collaboration of capabilities is ideal, where threat intelligence may be shared out to make each solution smarter and all solutions will see immediate benefit from new detections, wherever they may occur.

While all of this may sound far-fetched, Symantec has been busy since the acquisition of Skycure, the leading MTD technology, and the technology advancements mentioned above are just a sampling of new capabilities from the last few months. This includes the acquisition and integration of Appthority, the undisputed leader in the MARS market. They built out the most complete mobile application analysis framework ever, including all kinds of risky and unwanted behavior, from app stores in 22 countries around the world. Every company, industry and region has different needs, and Appthority technology allows organizations to specify the unique behaviors and characteristics of apps that create unacceptable risk for them.

SEP Mobile customers now have full access to this technology, directly from the SEP Mobile Console. It is also now possible to bring many of your existing security solutions together for mutual benefit and more effective security overall. Symantec customers can now more easily manage traditional and modern operating system devices with SEP integrations that allow single sign-on to multiple consoles. SEP Mobile also has the power to extend valuable solutions designed for the desktop onto the mobile devices. For example, CASB and DLP solutions provide critical protections for many business processes yet have been difficult or impossible to apply to mobile.

Now, CASB and DLP policies can be easily and seamlessly applied to mobile devices with no additional agent. The same has been done for Web Security Services (WSS).

Furthermore, these integrations all contribute to Symantec’s Integrated Cyber Defense strategy by allowing not only the integration of critical functionality, but the essential and immediate sharing of threat intelligence across solutions and platforms through the Symantec GIN, such as when a new mobile incident is identified, many other Symantec solutions will immediately benefit.

Analysts, like IDC, are also making predictions on where the mobile threat market is going and has a new report that names Symantec a leader in this space.  Read the report here.

For more information on SEP Mobile visit the product page.