Mobile devices are exploding onto the business front, necessitating a shift in enterprise security strategies. According to Andrea van der Westhuizen, McAfee product manager at AxizWorkgroup, IT security operations that were once smooth-running have recently come under intense pressure to adopt new technologies and fully support entirely new platforms, operating systems and architectures.
McAfee Labs established that new malware targeting Android devices jumped 76%in the last quarter.
“The need to secure mobile devices from attacks has never been more important,” says Van Der Westhuizen.
“Enterprise needs new technology and comprehensive security policies that will help them to address the challenge of securely incorporating these new mobile platforms into their environment. I believe that the emerging mobile malware that we are seeing today is just the tip of the iceberg.”
Traditional endpoints relied mostly on e-mail and Web for application framework. Mobile has a whole new freedom in custom applications. But each new application – either public or private – introduces new threats and risks to corporate IT.
Today, challenges include the consumerisation of IT, mobile platform diversity (including Android, BlackBerry and Windows Phone) and an explosion of applications.
“We follow a three-pronged approach for protecting mobile devices, mobile data, and mobile applications. It is designed to help businesses and consumers manage their devices securely, as the threat environment quickly evolves,” says Van Der Westhuizen.
McAfee offers the following for protecting mobile devices:
* Enterprise Mobility Management software brings the same level of security and control to mobile devices – including employee-owned smartphones and tablets – that IT applies to laptops and desktops.
* Anti-malware protection in the form of a virus scan helps against the growing number of threats that are targeting mobile devices.
* SiteAdvisor technology offers Web protection that alerts mobile device users when they are accessing malicious sites, such as phishing sites.
Protecting sensitive corporate data is a requirement, especially to ensure that only those devices with encryption access the corporate network and data:
* Preventing data leakage is crucial from jailbroken and rooted devices.
* Anti-theft and loss features allow for remote backup, lock and wipe to make sure that sensitive data does not get into the wrong hands.
* Additional data protection technologies are under development that will include the separation of business and personal data.
Beyond traditional e-mail and Web, mobile apps are readily available and proliferating by the millions, which is quite possibly the biggest threat vector of the future:
* App Alert software informs users how applications access their personal data.
* McAfee’s Global Threat Intelligence is expanding to include mobile app reputation services in order to identify malicious apps as well as ones that are capable of putting privacy at risk.
* App-scanning technology is ideal for re-sellers. It adds a crucial layer of application security that helps vendors to provide customers with a safe app experience.