State of mobile security
Advancements in technology are everywhere but nowhere is it as present as in the mobile device space. Due to increased adoption and dependence on mobile devices, security implications like:
- data leaks
- unauthorized access to private user information
- discrepancies in Mac and mobile endpoint security
- difficulty assessing and maintaining compliance
present greater challenges to mobile security – increasing risk to endpoints, users, business and personal data, and the organization’s overall security.
Read our in-depth technical paper, "Manage and secure your most vulnerable endpoints: Mobile devices" to learn about the State of Mobile Security, its evolving risk considerations and how the convergence of desktop and mobile protections is the future of mobile security.
The enterprise landscape
Historically, organizations choose to align business needs with a single platform. This helps to simplify management while addressing the unique needs of the company. While working within a homogenous environment reduces some of the challenges relating to IT and Security processes, mobile devices combined with distributed workforces have placed a spotlight on the often-viewed consumer-oriented devices.
This creates a new management and security challenge for organizations that have relied on maintaining just one platform. Instead, enterprise IT and Security teams now find themselves at odds, with more traditional tools providing limited to no support for mobile OS platforms and introducing security issues that impact everything from user productivity to the organization’s ability to safeguard users from bad actors and evolving threats targeting the security of their sensitive data.
What are some of the contributing factors impacting mobile security?
- Fragmentation among supported versions within each OS
- Disparate levels of support lead to delays in update deployments
- Different ownership models affecting management (e.g., BYOD/CYOD/COPE)
- Supported vs. unsupported feature sets in MDM solutions
- Ability to assess and verify security telemetry regularly
- Limitations to policy-based enforcement for compliance requirements
- Dissonance between implementing and enforcing protections on desktop and mobile OSs
Convergence and compliance
Speaking to compliance, the ability to actively monitor devices, assess their health in real-time and verify any issues while following up in quick form with mitigation workflows is overshadowed by a critical failure that is often witnessed when it comes to mobile security: balance.
More specifically, balance in this instance refers to the concepts of management and security. Incorrectly framed as a tug-of-war between IT and Security teams, the reality is that relying solely on an MDM solution to pull double duty falls short of the mark. Conversely, organizations that rely on user’s personal devices to access business resources, with best practice standards such as:
- Choose a long, complex password
- Never connect to public hotspots
- Follow security hygiene practices for communications (i.e., don’t open unsolicited attachments, never click on a link or share your password)
- Install comprehensive malware protection
- Encrypt data using volume encryption
without the ability to enforce these requirements through policy-based management lack the necessary insight for effective, adaptable mobile security.
In other words, without device management, how can organizations verify that endpoints are secure and therefore compliant? Similarly, without endpoint security, devices simply cannot be secure. Hence, why balance is such a critical concept. It reduces the risk of devices being over-protected (and subsequently unable to be used for work due to a subpar user experience) or under-managed (insufficient or neglected mobile security that jeopardizes value assets and company resources).
For a deeper look at the State of Mobile Security, including:
- Mobility drivers and how they fit into the larger enterprise deployment landscape
- Rising concerns, risk factors and the modern threat landscape
- Holistic approaches that bridge the gaps between desktop and mobile security
- Adhering to compliance requirements for regulated and non-regulated industries
- And the keys to unifying mobile and Mac management + security
We invite you to review our technical paper: Manage and secure your most vulnerable endpoints: mobile devices, to discover a future where every device enjoys uncompromised protection without any need for trade-offs. This vision represents the ultimate goal: enterprise-secure, consumer-simple technology to manage and secure all of your endpoints.
Mobile device balance is the key to unifying management and security for your entire fleet.
Subscribe to the Jamf Blog
Have market trends, Apple updates and Jamf news delivered directly to your inbox.
To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.