A recent 60 Minutes story featured John Hering of Lookout Mobile Security demonstrating how cyber thieves infiltrate iPhones and Android phones. Sharyn Alfonsi, CBS News correspondent on this story, asked Hering the following questions, among others:
Alfonsi: Is everything hackable?
Hering: Yes.
Alfonsi: Everything?
Hering: Yes.
According to Gartner, 75% of all mobile applications don’t pass the most basic security tests. This is a sobering statistic when so many enterprise tools are installed in entire fleets of BYOD and COPE (corporate owned, personally enabled) devices. This quote from John Hering says it all: “In today’s world there’s really only two types of companies or two types of people…those who have been hacked and realize it and those who have been hacked and haven’t [realized it].”
What does this mean for your enterprise and its increasingly mobile workforce?
Whether BYOD or COPE, mobile devices unite employees’ personal apps and their organization’s productivity apps within the same repository. Many personal apps look harmless, but they’re often designed to get malware on your device.
For instance, this article from Digital Trends reveals a dangerous form of malware that roots to Android phones and installs as a system application. Lookout calls it “trojanized adware,” and it looks and operates almost exactly like 20,000 popular apps including Facebook, Twitter, Candy Crush, NYTimes, Google Now, Snapchat, and WhatsApp. Once installed, these “trojan” apps push ads to your phone and download apps without your consent – and are almost impossible to remove.
This malware is aimed at individual users for ad revenue, but what other forms of malware exist looking for enterprise data in unprotected productivity apps on a shared device? On his layover in Denver, how does John in sales know the game or personal productivity app he just downloaded is not a new form of subterfuge aimed at breaching your enterprise network? He likely doesn’t, and because of the complexity created by siloed enterprise network platforms along with their IT departments, security admins may not know, either. While they can wipe the infected devices in minutes or hours once a breach is discovered, the problem is in the discovery.
We continue to make the way we work more mobile, and it’s clear that enterprise mobility is opening millions of additional doors exposing enterprise data.
How do you protect enterprise data with the growing sprawl of mobility in your organization?
For most organizations today, IT administrators are spread thinly enough as they put out normal, every day IT fires within their network perimeter. From provisioning hardware/software for new employees to fixing an Outlook outage in a remote BDU, IT admins have their hands full. And as BYOD and COPE mobility continues to extend data access points beyond the walls of secure network perimeters, it’s clear that these access points on our networks pose a broad, serious cyber threat. Enterprise mobile security can no longer take a back seat to network perimeter security. They must be one and the same.
Enterprise mobility security on the device level.
Devices need a containerized workspace to protect enterprise data from personal apps installed with access to enterprise networks. These containers exist, but many operate within VPNs (virtual private networks) that come with high resource utilization and added cost per connection and maintenance. Organizations often find themselves with a device-level security tool that isn’t useful for productivity or business goals.
Syncdog SentinelSecureTM has been designed with these enterprise mobility concerns in mind. We combine subject matter expertise, flexibility, and a lean team of mobile security experts to create a tailored roadmap for our enterprise mobility security solutions – including an affordable licensing model for enterprise deployments uncommon with large software vendors. Our mobile container offers military-grade security with the following benefits:
- Segmented containerized workspace for a wide range of app capabilities including Office Suite, File Manager, DropBox, File Sync, SharePoint, Instant Messaging, Camera, Secure Texting, and a host of others
- FIPS 140-2 certified, AES 256-bit encryption for data both at rest and in transit
- Flexible mobility architecture with capability to monitor IoT connections
- Event log management for security, auditing, and compliance
- Extensive third-party mobility monitoring that includes ActiveSync, BlackBerry, and Good Technology, and others
- Lightweight API for fast integration with any name-brand EMM or MDM, including certified integration with MobileIron, Notify Technology, Inc., and Snow Software
Download our latest white paper, “6 Things That Will Accelerate Enterprise Mobility Security Adoption”, to read more about driving forces that will accelerate enterprise mobility security adoption.
