The missing mobile puzzle piece

November 2017 Cyber Security, IT infrastructure

With mobile malware and ransomware proliferating at a rapid rate, companies are recognising the need for security technologies to protect network resources accessed by employees with their devices. But, they’re missing an important piece of the puzzle.

“A mobile management solution holds little ground without a policy in place,” says Michael Morton, a mobile security specialist at Securicom. “Companies are neglecting to define what resources can be accessed and have not identified what devices are already accessing the network. End user training and education are also pushed aside as there’s an assumption that a mobility management solution will take care of the risk. However, it doesn’t work that way.

“Companies should know what devices are accessing their networks. Restrictions should be placed on what information can be accessed, and employees need to understand what they are and why they are there.”

He continues: “A mobile device policy should be developed to define what mobile devices are permitted to access on the network. This sounds elementary, but the number of clients that don’t have a mobile security policy defined is surprising. They know they need to manage mobile devices in the enterprise, but have no idea where or how to implement it. A sound policy is the very foundation.”

The most sensible way to address the burgeoning bring-your-own-device and bring-your-own-app trends is to first define a policy around their usage and then deploy an effective mobility management solution to enforce that policy. To complement this, Morton recommends a Network Access Control (NAC) device.

“This device allows you to define what devices are allowed to connect to your network, and what they are allowed to access once they are on the corporate Wi-Fi. The NAC can also perform some host checking functions and integrate with a mobility management solution. The mobility management tool can inform the NAC if any suspect applications are on a device, and based on this, access to the corporate network can be limited or removed.”

When it comes to mobility management and security tools, not all are created equal. In a true enterprise mobility management solution, features like Application Risk Management and Threat Management can assist in detecting and remediating mobile malware. Application Risk Management reviews the reputation and security state of applications installed across the device base. Threat Management takes it a step further, allowing for the detection, analysis and remediation of malware on mobile devices across the enterprise.

Morton stresses though that combating mobile malware in an enterprise requires a multi-approach that includes the use of such technologies as well as behavioural change.

“Educating your end users around what malware is, how it works, and how to detect and or remove malware from a device is critical to stamping out mobile malware in an enterprise. Most people believe that if they have a mobile security tool or an anti-virus installed, they are protected. However, while these applications greatly assist in protecting devices, the end user has the final say. They are the ones downloading applications from untrusted sites, or opening malicious links in an SMS. As end users, we need to be more security savvy because remember, all cyber criminals have an agenda.”

For more information contact Securicom at www.securicom.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Exploiting the global pandemic
Issue 7 2020 , Cyber Security
Cyber criminals targeting remote work to gain access to enterprise networks and critical data reports FortiGuard Labs.

Read more...
Integrated security is key to Huawei Mobile Services
Issue 7 2020 , Cyber Security
To ensure sufficient mobile device security, the technology giant incorporates security into its chip, device and cloud capabilities.

Read more...
Cybersecurity becomes key enabler of sustainable business growth
Issue 7 2020 , Cyber Security
The adoption of rushed digital transformation strategies has left many facing unintended complexities and challenges.

Read more...
Africa under cyber-attack
Issue 7 2020, Kaspersky , Cyber Security
Kaspersky has reported that South Africa, Kenya and Nigeria saw millions of cyber-attacks in 2020 and the year is not over yet.

Read more...
Challenges healthcare is facing
Issue 6 2020 , Cyber Security
The healthcare industry has been forever changed by digital transformation, but cybercriminals are targeting the healthcare sector now more than ever.

Read more...
Secure IoT devices and networks
Issue 6 2020, Technews Publishing , Cyber Security
Check Point Software’s IoT Protect solution secures IoT devices and networks against the most advanced cyber-attacks.

Read more...
SentinelOne Protects the AA
Issue 6 2020 , Cyber Security
National provider of 24-hour motorist assistance stays on the road thanks to accelerated, AI-powered threat prevention, detection and response.

Read more...
Protecting database information
Issue 6 2020 , Cyber Security
SearchInform has officially released Database Monitor, a solution for the protection of information stored in databases.

Read more...
Work from home securely
Issue 5 2020 , Cyber Security
First Consulting provides enterprise-level IT security to working-from-home employees at more than 40 South African organisations.

Read more...
Agility, meticulous alignment and testing
Issue 5 2020 , Cyber Security
Data loss can put the nails in the coffin for unprepared businesses. Investing in cyber resilience is key to succeed in the age of digital transformation.

Read more...