How to Leverage MTD Solutions to Comply with NIST 800-124r2 Guidelines


Prior to the global pandemic, we were beginning to see a shift as companies realized the need for mobile device and app security. Private and public sector organizations alike began to see how hackers were breaching and compromising mobile devices and – in turn – putting their employees and the companies themselves at risk.

And then came COVID-19. And that understanding became even more apparent. 

COVID-19 created a situation unlike anything many of us have ever seen, yet one that will likely leave permanent changes in how we protect our workforce. With the overnight switch to entire workforces working remotely from home – on a wide variety of corporate and personal (bring your own) devices – IT and security teams switched to triage mode from a security and risk perspective.

We observed an immediate change to the mobile threat landscape related to COVID-19, which reinforced the need for mobile threat defense (MTD) solutions as a critical way to protect your users, devices and organization.

We weren’t alone in noticing significant growth in coronavirus-related attacks. Our partner – Google – and others reported:

NIST guidelines

The National Institute of Standards and Technology (NIST) is providing guidance through its Guidelines for Managing the Security of Mobile Devices in the Enterprise. 

Within the report – known as 800-124r2 – NIST talks about the importance of mobile threat defense (MTD) and mobile device management (MDM) solutions when protecting mobile devices. MTD solutions detect and prevent mobile device, network, phishing and malicious app attacks.  An MDM is a management tool. It allows compliant devices to access corporate email, apps via the corporate app store, and data, and it secures data-in-transit between the mobile device and the corporate network. 

The latest NIST 800-124 draft says:

  • MTD systems provide real-time, continuous monitoring, assessing apps after deployment to a mobile device as well as during runtime;
  • MTD can detect and protect the mobile device, apps and end-user against attacks via the wireless network;
  • MTD systems also may detect attacks against an app or OS software;
  • Side-loaded apps may be special-purpose, enterprise-loaded, or whitelisted apps specified by the enterprise;
  • MTD systems monitor the on-the-fly behavior of mobile apps within the current mobile environment, such as when the app navigates to known malicious URLs or phishing sites;
  • Unexpected interactions among apps or use of data on the user device (e.g., the app accesses a device owner’s “contacts” or “location”) also may alert an MTD system to potentially malicious or risky behavior; and
  • Mobile app vetting to detect software or configuration flaws that may create vulnerabilities or violate enterprise security or privacy policies. 

Importance of choosing the right MTD

Zimperium is the global leader in mobile device and app security, offering real-time, on-device protection against Android and iOS threats.  What differentiates Zimperium from other MTD providers is the following:

What about VPNs and MFAs?

You simply cannot have zero-trust unless your devices are continuously protected, even when disconnected from the Internet. On-device and always-on detections and remediations are absolutes in the realm of mobile security.  

Remember, the bad guys only need to get it right once, and you don’t want to rely on a cloud connection solution. Zero-day/zero-click attacks are now common, and signature-based defenses along with cloud “calls” are obsolete.

Advanced Persistent Threats (APTs) and newly found Common Vulnerabilities and Exposures (CVEs) from nation-sponsored attacks continuously test the new perimeter. Current mobile technologies, like MDMs, VPNs, or MFAs – which are not designed to perform threat detection – are not sufficient against these attacks.

Contact us

To learn more about how Zimperium can address your mobile device security needs, please contact us. If you would like to learn more about actual mobile attacks and what enterprises and agencies can do to protect themselves, please download our “Anatomy of a Mobile Attacks” whitepaper. We are here to help.

Author: Jim Kovach
Mobile Security Specialist, Public Sector. View the author's experience and accomplishments on LinkedIn.
