Page 26 - Mobile Data Loss
P. 26

20    Mobile Data Loss


          designed for mobile threats. The key difference here is that they all
          integrate with the EMM to leverage the EMM’s ability to respond to
          an identified threat with a quarantine.

             App Reputation commonly uses the EMM app inventory of the
          mobile devices under management and correlates it against their data-
          base of known malicious and risky apps. It will then report on malicious
          or risky behaviors for each app, either in its own console or also in the
          EMM console to give the administrator a single monitoring dashboard.
          The App Reputation may then feed into an EMM App blacklist to
          spawn a quarantine. It may also tie into APIs to allow profiles to be
          removed from the device and selectively wipe corporate data.
             Mobile Threat Prevention is also a broad category of products that
          rely largely on an anti-virus-like app on the device that may include
          some intrusion detection features, malicious app behaviors, and more.
          These products can also integrate with an EMM to kick off a quarantine
          when a threat is identified on a mobile device. Furthermore, some of the
          features between App Reputation vendors and Mobile Threat
          Prevention vendors have also begun to overlap. Some App Reputation
          vendors have added an app to analyze local behaviors on the device,
          thus providing a more defense-in-depth approach.
             These products are changing quickly with more features always
          being added. App Reputation and Mobile Threat Prevention solutions
          are very important to an overall Mobile Security Strategy as concerns
          about malware continue to increase.


          ACCESS CONTROL AND CONDITIONAL ACCESS

          Ensuring the network is secure for remote access is key in a mobile
          world. Traditionally in the PC world this has been delivered through a
          remote access VPN. Mobile requires a more mobile aware secure
          gateway. This gateway can control access to resources such as
          ActiveSync or Lotus Notes email. In addition, it can control access to
          content, internal web services, and application servers. Access control is
          performed by authenticating the user and the device.

             When a device is under MDM or EMM management, the manage-
          ment system can collect hardware and software information about the
          device. This is key to eliminating impersonation and cloned devices, and
   21   22   23   24   25   26   27   28   29   30   31