Mobile devices contain or have access to the same information as traditional endpoints. While billions of dollars have been spent protecting and securing traditional endpoints, very little has been invested to protect mobile device endpoints.
As a result, mobile devices have become a favorite attack target and that trend is not likely to decrease any time soon. Below we look at commonly asked question about Mobile Threat Defense:
1. What is Mobile Threat Defense (MTD)?
Mobile Threat Defense (MTD) protects users and organizations from being compromised on their iOS and Android mobile devices.
2. Why is mobile security important?
In a typical organization today, 60% of the endpoints containing or accessing enterprise data are mobile; the majority of which do not have any security protection today.
3. What are the common attack vectors on mobile?
Similarly to traditional endpoints, the threats and attacks are mainly across device, network and application vectors such as vulnerabilities in mobile OS and app, unsecured WIFI network, man-in-the-middle attacks, malicious apps and phishing attacks.
4. Do IOS and Android have many vulnerabilities?
- In the 1H19, Apple patched 185 CVEs (Common Vulnerabilities and Exposures) compared to 120 during the same timeframe last year, or an increase of 54%
- In the same period, Google patched 255 CVEs compared to 492 during the same timeframe last year, or a drop of 48%
5. What is the value of MTD?
MTD protects device against unknown attacks in real-time that may cause identity theft, loss of sensitive data, financial loss and unauthorized access to your mobile device or app.
6. What is the technology behind MTD?
MTD uses machine learning technology to analyze slight deviations to the mobile device’s OS statistics, memory, CPU and other system parameters, MTD can accurately identify not only the specific type of malicious attack, but also provide forensics associated with the who, what, where, when and how of an attack occurrence.
7. Will the machine learning in MTD impact my device performance?
No. As the machine learning engine processes in the cloud, MTD resources are kept at minimum to avoid any impact of the device.
8. How is MTD deployed?
As the MTD servers are hosted in the cloud, there is zero footprint on premise. MTD’s client can either be installed into the device or embedded into an existing app.
9. What if I only want to protect my apps?
Yes. You can embed MTD in your existing app with a readily available SDK to help detect and defend against device, network and malicious app attacks.
10. Does my mobile device require internet connectivity to use MTD?
No, MTD is capable of detecting previously unknown mobile malware on-device without requiring updates and without the risks of cloud-based lookups.
11. Will MTD send my sensitive information to the cloud?
No. MTD will only send app info, basic device info and geolocation to the server. However, this can be customized to suit user privacy preference with user’s consent.
12. But we have Mobile Device Management (MDM), is it sufficient to protect the device?
MDM only provides basic device management and enforces security policies such as allowing certain apps to run, limiting network connectivity, limiting device permissions etc BUT it is unable to detect if and when the device is compromised.
13. Can MDM and MTD work concurrently?
Yes. MTD can integrate to most MDMs such as Microsoft Intune, IBM, Soti, MobileIron, Airwatch, Citrix and Jamf.
If you missed our Data Protection FAQ series, please visit the links below:
Part 1: https://ecloudasia.com/2020/03/31/file-level-encryption-faq/
Part 2: https://ecloudasia.com/2020/04/01/key-management-faq/
Part 3: https://ecloudasia.com/2020/04/03/database-column-level-encryption-faq/