Jamf After Dark: mobile forensics
Jamf After Dark discusses how mobile forensics gives organizations actionable insight into advanced threats to close critical security gaps in modern enterprises.
Introduction
In this episode of Jamf After Dark, our hosts Kat Garbis and Josh Thornton welcome guests Christopher Deane, Senior Sales Engineer and Harry Jenkins, Security Sales Manager, both from Jamf. The crew discusses how mobile security remains a blind spot — prioritized behind desktop endpoint security despite the widespread adoption of mobile devices everywhere in enterprise environments — and how mobile forensics is changing the game.
Security requires defense in depth strategy
Security is not a one size fits all. Mobile security is not a single control.
As Deane explains, mobile device management is only the foundation. Organizations must build on that with threat defense and advanced protections. Even then, some attacks will bypass traditional controls.
That is where mobile forensics becomes critical. It identifies threats that might slip through, triggering a response before damage spreads. For IT teams, the takeaway is clear — device management ≠ security. Without layered protections, mobile devices remain exposed thanks to gaps in security.
Mobile devices are a continuing blind spot
Despite their criticality, and handling and storing of sensitive data, mobile devices are often underprotected.
The podcast highlights how personal use, privacy concerns and BYOD initiatives blur the line between where personal use ends and work begins.
This lack of clear delineation creates hesitation around implementing and enforcing security controls. For example, end users expect privacy, while organizations need visibility.
The result? Protections that are inconsistent at best and difficult to enforce at worst.
At the same time, mobile devices are now primary endpoints. They store sensitive data, access corporate systems and travel everywhere with users, making lack of insight into mobile health a risk multiplier.
Mobile forensics fills the visibility gap
Harry Jenkins points out a common gap: If a user reports a suspected compromise, many IT teams cannot investigate it, and replacing risky devices does not solve the problem.
Attackers continually target individuals, but the impact is felt in the software and hardware. So, when something feels off on a device, many organizations lack answers as to how it happened and what it continues to do.
Mobile forensics changes this.
It analyzes device behavior, logs and anomalies to determine whether a compromise occurred. It can detect sophisticated threats, including spyware and zero-day exploits, without impacting user privacy. And for high-value targets, like executives and journalists, this capability is essential to turn uncertainty into actionable insight and ultimately, remediation.
Conclusion
Mobile threats are evolving.
Bad actors are incorporating AI to not only boost sophistication but make threats harder to detect and stop through traditional threat defense tools. Mobile forensics adds the deep visibility and response capabilities organizations need to identify threats and close security gaps.
For teams managing Apple devices across their infrastructure, it’s become a critical part of a modern security strategy.
