igor - Fotolia
Go beyond UEM security to prevent mobile attacks
UEM tools provide a baseline of mobile security functions, but to prevent mobile attacks, IT should add a mobile threat defense tool to its security repertoire.
Unified endpoint management security utilities alone can't provide the visibility that IT needs to detect and prevent mobile threats.
The ability to track mobile attacks such as data breaches isn't a common feature in unified endpoint management (UEM) tools. Instead, organizations should combine UEM tools with mobile threat defense to bolster mobile security.
The importance of a mobile security strategy
Many end users, such as sales representatives or field service workers, use their mobile devices to perform work-related tasks. This requires access to the corporate network and apps and can expose mobile devices to security threats.
There is a major disconnect between IT and mobile users. Up to 65% of mobile device users believe they've had a security issue with their mobile device, but only about 35% of IT managers believe their users have experienced mobile data leaks, according to a survey from J. Gold Associates.
Few organizations have the tools in place to discover just how much data they lose through mobile devices, and this is major problem. In the past, mobile devices had limited local data to steal, but modern mobile devices have so much more local storage available. These devices can easily hold large customer data bases and other personal information, which makes them a more enticing target for hackers.
What should IT do about mobile threats?
IT has two main ways to protect mobile devices from data loss and other threats. These two options are UEM security and mobile threat defense tools, and IT can often use them in a complementary fashion.
At a minimum, organizations should keep track of their managed devices with UEM security. UEM tools allow IT to configure numerous baseline mobile device security standards, including the following:
- Set on-device password complexity requirements
- Enable encryption of all data on the device
- Create a company profile separate from personal data
- Enforce the use of a VPN for any connections to the corporate network
- Limit or eliminate the ability to install any apps on the mobile device to minimize the damage caused by malicious apps
- Verify and enforce patches and updates to the device OS to ensure users have the most secure version
- Install and manage any additional mobile device security apps that protect against malware and other mobile threats
Next, organizations should evaluate the various on-device mobile apps, such as Lookout, Zimperium and Cylance, which protect against malicious activity. While each app operates in a slightly different way, their main purpose is to monitor mobile device activity, identify any anomalous behavior and shut it down before the behavior can lead to a security incident or data breach. These apps provide an additional level of protection beyond the inherent security of the OS and attempt to reduce the risks of corporate data loss.
One effective option for organizations concerned about mobile threats is to combine the best features of UEM and mobile threat defense tools. Mobile threat defense tools can enhance the built-in capabilities of the device through proper setup and management, and many of these mobile threat defense tools can also connect to UEM security utilities.
This integration offers additional oversight and reporting capabilities above and beyond what the tools can do on their own. The combined data analysis that mobile threat defense alongside UEM can provide is vital in detecting and eliminating any ongoing threats -- especially if users are allowed to freely download apps to their device without the proper separation of work and personal spaces. This is the only way organizations can be sure that their mobile device fleet won't lead to a data breach that could potentially cost hundreds of thousands or even millions of dollars to mitigate.