Much of the conversation around mobile security centers on machine learning, zero day attacks and sophisticated state-level malware attacks. The most notorious mobile threat, for example, is Pegasus. This headline-grabbing spyware threat was admirably discovered by Lookout (among others) and sent shockwaves throughout the cybersecurity market. However, only a handful of devices in the world have ever been exposed to malware… ever. What this means for the average enterprise is that threats such as Pegasus are so marginal that there is no need to bother protecting their own devices against them.
For this type of malware, they’re probably right. Yet ultimately, the wider mobile security landscape includes all kinds of attacks that are far more prevalent – it’s just that they don’t generate the same volume of headlines.
The market is experiencing a strange phenomenon at the moment. While almost every single enterprise is entirely aware of the threats they’re exposed to on desktop machines and on networks they own, they have almost zero visibility when it comes to mobile devices and the networks they usually connect to (public WiFi or 4G, for example).
You can’t Defend Against What You can’t See
This strange status is captured neatly in research published by the Enterprise Mobility Exchange, which surveyed its members to uncover the familiarity with mobile threats in the industry today. Alarmingly, around half of those working in mobile security in 2019 have no idea about how many mobile security incidents took place in the last 12 months. What this quite clearly demonstrates is that remediating attacks and coping with threats isn’t the priority – simply being aware of what’s happening is the number one challenge for the average organization.
Where is the data going?
This blindness to security events extends to the network traffic too. While some businesses have implemented EMM solutions such as MobileIron or SOTI to manage and monitor their devices and applications, very little is known about how those apps behave in realtime. All apps and websites will communicate with servers located all over the world, but over one third of respondents had no visibility into the nature of these data transmissions. Even among those that did have some kind of monitoring in place, half had no capacity to track such communication in real time. In the wake of news stories such as the ongoing Huawei concerns in the West or the discovery of Nokia devices suspiciously communicating with China, this kind of tracking is critical to mitigating unwanted risk.
Visibility on Unknown Networks
For decades now, technologies have been developed that grant administrators powerful insights into, and controls over, the activity taking place on corporate-owned networks. Secure Web Gateways, Next-gen Firewalls and other tools afford granular oversight to minimize security risks and enforce acceptable usage policies.
These rules immediately go out the window when it comes to mobile, however. The moment an employee connects to a cellular network, uses their home WiFi or signs into their hotel hotspot, that visibility goes to darkness. Any rules around acceptable usage: gone. Any mandates around appropriate content or sanctioned filesharing services: gone. Any protections against network-based mobile threats: gone.
Well over half of respondents had no visibility into these networks, and no security rules around protecting against such risks. Collectively, this data makes it abundantly clear that a large portion of security leaders must invest further in the tools necessary to bring mobile risk in line with traditional IT risk management. That means endpoint-based protection such as MTD, but network-based visibility is essential. NetMotion’s solutions provide visibility, encryption and control of the network itself, regardless of which entity owns the infrastructure – an important component in any multi-layered mobile security strategy.