The world has changed and we all know it. Mobile operations are at the forefront of every organization and so is mobile security. We’ve all seen attacks as simple as malicious apps, SMS phishing and man-in-the-middle attacks; to the more challenging, such as elevation of privileges, exfiltration of data and command and control manipulation. What you may not have read is the Anatomy of Mobile Attacks whitepaper, where you’ll learn what an actual attack looks like and what enterprises and government agencies can do to protect themselves.
The threats have been declared by all relevant agencies including The Department of Homeland Security (DHS) and Department of Defense (DoD) and leading industry experts.
The National Institute of Standards and Technology (NIST) has provided guidance via 800-124 and MITRE offers their ATT&CK Mobile Matrices, which describes the 13 tactical techniques and over 100 methods of exploitation that hackers employ against your mobile devices.
You’ve been warned and now is the time to act. However, not all mobile security solutions are created equal.
Here’s what really matters in this new era of mass teleworking using mobile devices:
- Mobile device management (MDM) products, virtual private networks (VPN), and multi-factor authentication (MFA), do not protect your device from phishing, network, OS/device, or mobile application vulnerabilities and zero-day threats;
- Mobile devices are logically just another end-point, but they are also the new Perimeter and are very powerful computing platforms requiring protection against very real and imminent threats;
- Mobile Threat Defense (MTD) offerings exclusively dependent on a “cloud connection” are inherently sub-standard for continuous protection;
- On-device and always-on is the only path for enabling zero-trust mobile operations;
- Enterprises require robust administration consoles and features; and
- Protecting mobile applications is integral to the overall security of the mobile device.
You simply cannot have zero-trust unless your devices are continuously protected, even when disconnected from the Internet. On-device and always-on detections and remediations are absolutes in the realm of mobile security.
Remember, the bad guys only need to get it right once, and you don’t want to rely on a cloud connection solution. Zero-day/zero click attacks are now common, and signature based defenses along with cloud “calls” are obsolete.
Advanced Persistent Threats (APTs) and newly found Common Vulnerabilities and Exposures (CVE) from nation sponsored attacks continuously test the new perimeter. Current mobile technologies, like MDMs, VPNs, or MFAs are not sufficient against these attacks.
We are here to help
Future-proofing and protecting your data and your investment should be an important consideration, given how missions can change quickly.
Zimperium is the global leader in mobile device and app security, offering real-time, on-device protection against Android and iOS threats. What differentiates Zimperium from other MTD providers is the following:
- We are the only MTD vendor who can deploy On-Premises;
- We were the first FedRamp Authorized MTD vendor, with an authority to operate (ATO);
- We are the only mobile security solution offering on-device, machine learning-based detection of device, network, phishing and malicious app attacks on Android and iOS devices;
- Zimperium is the only MTD vendor supporting Microsoft ATP Defender, Microsoft Endpoint Manager, and Sentinel in the Azure Cloud;
- We are the only provider with a complete suite of solutions that protect mobile apps from development through running on end-user devices; and
- We have value-added distinct integrations with MobileIron, McAfee, and VMware AirWatch/Workspace One.
Whether you deploy On-Prem, FedRamp, GovCloud, Azure, AWS, Google, Oracle, your VPC, or our commercial cloud, only Zimperium can meet the demands in flexibility, required by government agencies and their industry mission critical partners.
All of this enables you to future-proof your investment in mobile security. To learn more, please contact us. If you would like to learn more about actual mobile attacks and what enterprises and agencies can do to protect themselves, please download our “Anatomy of a Mobile Attacks” whitepaper. We are here to help.
Jim Kovach is Vice President of Public Sector for Zimperium, supporting Federal, State and Local governments.