Page 46 - Mobile Data Loss

          organizations this still isn’t quick enough. As a result, some EMM
          solutions now allow a local policy to reside on the device to respond
          more immediately to an identified threat, perhaps even if the device is
          not network connected and cannot communicate back to the EMM
          management console. This can allow the corporate container on the
          device to be selectively wiped to avoid a breach of corporate data.
          This happens closer to real time, without the need to “phone home”
          to the console.
             These proactive and reactive mobile security controls can be
          summarized in the following table:


                          Holistic Mobile Security

          Proactive                        Reactive
          -------------------------------  -------------------------------
          PIN/Passcode                     Malicious & Risky App Detection
          Encryption                       Jailbreak/root detection
          Strong Auth/Certificates         App Reputation/MTP
          Containerize Corp Content        Closed-loop compliance actions
            & Apps                         Auto-block enterprise network
          Per-App VPN                        access
          Secure Mobile Gateway            Selective Wipe (Corp Apps, Data,
          Network Access Control             Email, etc.)
          User or device certificate to    Compliance Reporting/Alerting
            thwart MITM attacks
          Vulnerability Scanning

             This mobile security strategy should also be complemented with
          Live Monitoring. Live Monitoring can include a console that provides
          a view into the changing security posture of devices and their
          access to enterprise resources on the network or in the cloud.
          It should also send alerts to key staff members, provide logging and
          audit trails, and include integrations with security information and
          event management (SIEM) and big data analytic tools. This supports
          the day-to-day activities of maintaining the overall health of the
          mobile deployment, and it also feeds into the incident response plan
          and perhaps even post-mortem forensics.
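
The on-device local policy described earlier and the audit trail that Live Monitoring depends on, sketched together as an added example that is not from the book or from any EMM product. The signal names, action names and the `DeviceAgent` class are hypothetical, and the sample event is constructed.

```python
import json
from dataclasses import dataclass, field

# Hypothetical local policy: posture signal -> closed-loop compliance actions.
LOCAL_POLICY = {
    "jailbreak_or_root": ["selective_wipe", "block_network_access", "alert"],
    "malicious_app": ["block_network_access", "alert"],
    "passcode_disabled": ["alert"],
}

@dataclass
class DeviceAgent:
    device_id: str
    online: bool = False            # can the device reach the EMM console?
    container_wiped: bool = False
    network_blocked: bool = False
    audit_queue: list = field(default_factory=list)  # held until the console is reachable

    def handle(self, signal: str, timestamp: str) -> list:
        """Apply the local policy to one posture signal and record an audit event."""
        actions = LOCAL_POLICY.get(signal, [])
        if "selective_wipe" in actions:
            self.container_wiped = True   # corporate container only, not the whole device
        if "block_network_access" in actions:
            self.network_blocked = True
        self.audit_queue.append({
            "ts": timestamp, "device": self.device_id, "signal": signal,
            "actions": actions, "decided_offline": not self.online,
        })
        return actions

    def flush(self) -> list:
        """Return queued events as JSON lines for the console/SIEM; keep them while offline."""
        if not self.online:
            return []
        lines = [json.dumps(event, sort_keys=True) for event in self.audit_queue]
        self.audit_queue.clear()
        return lines

def demo():
    agent = DeviceAgent("device-001")                          # constructed sample device
    agent.handle("jailbreak_or_root", "2024-01-01T10:00:00Z")  # constructed event
    held = agent.flush()    # offline: the action was taken, but nothing is reported yet
    agent.online = True
    sent = agent.flush()    # connectivity restored: the audit trail reaches the console
    return agent, held, sent
```

The enforcement decision does not wait for connectivity, while the record of it does, so the console and SIEM still receive a complete trail marked as decided offline.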

             Not all incidents warrant a forensics investigation. In fact, most
          security incidents are a matter of daily security administration, much
          of which is automated through your EMM. Additionally, these may