The corporate environment of today is reliant on the mobility of each of its employees or team members. By mobility I mean ,each member of the corporation’s team must be in contact with each other at all times, at a moment’s notice. In order to maintain this connectivity,team members must use devices that can allow them to be untethered and unhooked from the standard ethernet cable, and out in the fast-paced land of device mobility. To do so, they have adopted the use of mobile devices ranging from the iPad and Galaxy Tab to smart cell phones such as iPhone and Motorola Droid.
These mobile devices are so powerful and versatile, that companies are no longer issuing laptops for employees to take into the field,but are now relying on mobile cellular devices or tablets to provide what is needed, work efficiency and mobility. Leading information technology influencers, like Gartner Research as well as renowned news sources like Forbes, and BusinessWeek, have all published reports on mobile devices vs. laptops/PCs in today’s work environment. These reports point to the demise of the outdated PC and the increased usage of new mobile devices. This blog is a perfect example of this statement, as it is being generated, created and edited on a mobile device with a portable keyboard.
The power that a mobile device user has in his or her hands is unprecedented, however with that kind of power should also come responsibility, right? So, what does the power of mobility, the device distribution, allowance, and governance, have to do with responsibility? It should come as no surprise that the mobile device of today is not the antiquated device of yesterday. Today’s mobile device user can send, transmit or even take a company to bankruptcy, anywhere in the world, with a single tweet, post or picture taken with his 10 megapixel mobile device camera. What are companies doing about it? Companies are using Mobile Device Management software, also known as MDM, in an effort to detect, monitor and prevent data breaches and information leaks. Is MDM the answer to the investigation of a data breach?
Let’s take a look of the Evolution of MDM. MDM was first introduced in applications or wrappers which allowed the user to utilize the MDM application to conduct the “work” via the mobile device. This would assure all “work” would be safe within the MDM application. Both the user and the corporation felt safe that important company information was not being leaked or transmitted. MDM was a safe way to provide employees with the opportunity to work while on the road without the risks, other built-in unsafe applications used for email, SMS, etc., could bring to their security.
The next step in the MDM evolution was the introduction of a full administrative tool. When the MDM software application was installed, it would monitor the device for approved applications, reset the device should it be lost or stolen, monitor and capture data sent to an administrative server. This is not an exhaustive list of all of the features an MDM software can provide, but it does mimic what a BES (Blackberry Enterprise Server) has done with Blackberry devices for years.
The problem with the onslaught of MDM software in the corporate environment is the false sense of security it may bring when a critical incident occurs. MDM software providers should be the first to admit their software is not made for incident response. However MDM software will be a reported 16 billion dollar industry by 2016, so why would they rush to admit their shortcomings? In the BYOD world, the MDM solution cannot operate outside of the company’s predefined applications, leaving the other applications running on the devices open and unsecured. So, where do you think insider threats, malware and security breaches are likely to come from? How do companies maintain security outside of the MDM “wrapper” when a breach occurs? Quite simply, they cannot. This is one of the main reasons AccessData has incorporated mobile endpoint monitoring (Mobile EM) capabilities into the ResolutionOne™ Platform.
Mobile EM integrates into the ResolutionOne and CIRT™ platforms to provide comprehensive visibility (detect threats and data leakage), data intelligence and resolution across mobile devices. It allows enterprises to utilize their current MDM or MAM software to set mobile device policies. As an industry first, it also enables real-time proactive mobile endpoint monitoring solution that MDM software solutions simply cannot provide. The big key take-away is proactive.
Companies have suffered too long by reacting to security incidents resulting in enormous consequences. A recent study sponsored by AccessData and the Ponemon Institute, shows that 86% of respondents found the detection of a cyber-attack takes too long putting companies at a significant risk. The study also found that 86% of respondents viewed mobile e-discovery and mobile analysis as a difficult process when tied to a company’s breach investigation.
Mobile EM agent is delivered to iOS and Android device/endpoints that are connected to the enterprise’s network via a MDM or MAM application catalog. The devices are then monitored by the ResolutionOne™ platform where network communications and mobile device data is captured at predefined intervals. The data is auto-correlated with the integrated, customizable ThreatBridge engine’s threat intel library to identify any known threats such as malicious IP addresses and Domains along with known malware. It also detects unknown threats by providing visibility into network communications and running processes, so anomalous activities can be identified and remediated.
Filling the gap between MDM and IT mobile security visibility, ResolutionOne Platform with mobile endpoint management delivers the first true mobile forensic and security solution needed in today’s nomadic workforce.