Page 25 - Mobile Data Loss
Mobile Security Countermeasures
receive a quarantine command. Instead, a local policy selectively wipes
the container. This is particularly helpful in organizations that have
many Wi-Fi-only mobile devices. In fact, the PCI Council added this to
its Mobile Point-of-Sale (POS) “Mobile Payment Acceptance Security
Guidelines v1.1, July, 2014.”¹
Most recently, in Windows 10, the operating system performs a
device health check to validate the integrity of the device during the
boot process. The result can then be reported to the MDM or EMM and
used to block access to corporate resources.
Summary of Mobile OS Compromise Countermeasures:
• PIN or Password enforcement
• Encryption
• Containerization of enterprise data
• OS Compromise detections (Jailbreak and Root detections) and
Quarantine
• Online selective wipe
• Offline selective wipe
• Out-of-compliance device triggers the network gateway to block access
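
A minimal model of how the countermeasures in this summary combine, added here as an example (it is not from the book or from any MDM/EMM product). The `Posture` fields, the action names and the rule that any finding blocks gateway access are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Posture:
    """Constructed device state; all field names are hypothetical."""
    device_id: str
    passcode_set: bool
    encrypted: bool
    os_compromised: bool   # result of jailbreak/root detection
    mdm_reachable: bool    # can the device receive MDM/EMM commands right now?

@dataclass
class Decision:
    device_actions: list = field(default_factory=list)  # run on the device
    gateway_allow: bool = True                          # enforced at the gateway
    reasons: list = field(default_factory=list)

def evaluate(p: Posture) -> Decision:
    d = Decision()
    if not p.passcode_set:
        d.reasons.append("no PIN or password")
    if not p.encrypted:
        d.reasons.append("encryption disabled")
    if p.os_compromised:
        d.reasons.append("OS compromise detected")
        if p.mdm_reachable:
            # Online path: the server pushes quarantine and wipe commands.
            d.device_actions += ["quarantine", "online_selective_wipe"]
        else:
            # No command can arrive, so the local policy wipes the
            # enterprise container on its own (personal data is untouched).
            d.device_actions.append("offline_selective_wipe")
    # Assumed rule: any finding means out of compliance, so the gateway blocks.
    d.gateway_allow = not d.reasons
    return d

# Constructed sample fleet, not real devices.
FLEET = [
    Posture("tablet-01", True, True, False, True),
    Posture("phone-02", True, True, True, True),
    Posture("wifi-pos-03", True, True, True, False),
    Posture("phone-04", False, True, False, True),
]

def triage(fleet):
    return {p.device_id: evaluate(p) for p in fleet}

if __name__ == "__main__":
    for dev, d in triage(FLEET).items():
        print(dev, d.gateway_allow, d.device_actions, d.reasons)
```
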
MALWARE AND RISKY APPS
Based on the plethora of threats I outlined in chapter “Understanding
Mobile Data Loss Threats,” it’s important to detail an approach to
deterring malware and risky app behaviors. Since we know that iOS is
no longer immune to malware threats, a comprehensive mobile security
strategy should address these threats across all of your mobile devices.
Anti-virus alone has taken a backseat to more comprehensive mobile
malware security products. The reason is that on a mobile device
anti-virus is just another app, so sandboxing limits its ability to
remove a malicious app; it can only alert the user and rely on
them to remove it. This is very different from the PC world, where we’ve
always relied on anti-virus to both identify the threat and remove it.
Due to this shortcoming of anti-virus alone, a new group of
products has emerged, referred to as App Reputation and Mobile
Threat Prevention. This is a broad, exploding category of products
1 https://www.pcisecuritystandards.org/security_standards/documents.php