5 Most Critical Mobile Security Platform Components

Focus On Data Protection, Not Mobile Malware

Contrary to the bold headlines about the surge of mobile malware hitting Android devices, the biggest threat to organizations posed by employee mobile devices is corporate data leakage, not malware. By taking a practical and systematic approach to evaluating mobile and endpoint security vendor products, organizations can choose the solution that meets the defined requirements and can be integrated into the existing architecture, said Mike Rothman, analyst and president of Phoenix, Ariz.-based security consultancy Securosis. The consultancy's 2015 Endpoint and Mobile Security Buyers Guide provides an overview of areas that should be considered. In an interview with CRN, Rothman explained some of the most important mobile security components that should be supported in vendor platforms.

1. Patch Management

Patching should be considered one of the most important functions for PCs and laptops as well as mobile devices and mobile security platforms. The organization needs to understand its operational model to determine whether the operations team or an endpoint device team within the organization is responsible for hygiene. Identifying which group may be responsible for the activity could impact the evaluation process of the security software. Larger endpoint security vendors may offer a more integrated set of products for small and midsize businesses, while enterprises with thousands of employees and a mature IT organization may look at operational platforms, according to Rothman.

2. Configuration Management

Organizations should have a clear set of policies that govern the configuration that should be set for devices if they are connecting to the corporate environment, according to Rothman. Many mobile security products use an agent to monitor corporate resources on a device. They can also be triggered to identify configuration issues that cause a device to fall out of policy, Rothman said. If employees are going to tap into corporate resources, it is possible to define and enforce minimal configuration policies that cover device settings, unauthorized applications, the presence of fully functional and updated antivirus, and the state of running services on the device.

3. Container Approach

Mobile device security platforms are increasingly supporting containerization to address the melding of personal and business data on employee-owned devices. A container can significantly increase the control organizations have over corporate data, according to Rothman. "I think that the reality is that if you are wanting to ensure you have control over anything that is done with corporate data on that mobile device you have to have a container," Rothman said. "That is the way most folks look at the process."

4. Application Controls

Mobile security products should be able to restrict certain mobile apps from accessing corporate resources, contacts and other device data. The software should be able to extend controls to both the built-in apps on the mobile device and third-party applications that the user downloaded. If a container approach is supported, controls can persist within the container, leaving end users free to use the personal part of their device, Rothman said.

5. Encrypted Connection, Encrypted Data

A mobile security platform should support the certified encryption algorithms that matter most to an organization, Rothman said. If data encryption on mobile devices is to be enforced, products need to be able to handle devices running operating systems from multiple vendors. Organizations should also consider enforcing a policy that forces users to connect to internal systems via an encrypted VPN tunnel, Rothman said. That prevents snooping or man-in-the-middle attacks that can happen when an employee is connecting from an open wireless access point, he said.