Defense in depth: combating modern threats with Jamf

In this JNUC presentation, Adam Boynton, Senior Security Sales Manager at Jamf, walks us through an effective mobile security strategy with Jamf.

October 11 2024 by

Hannah Bien

Defense in Depth: Strengthening Mobile Threat Defense with Jamf title slide

The mobile threat landscape

Boynton sets the stage by describing the current mobile threat landscape at a time where many of us work remotely and/or away from a desk. He refers to current events that affect mobile security like the recent European Union Digital Markets Act that requires Apple to allow third-party app stores and stories about government officials affected by spyware.

He invokes the Jamf Security 360 report, which provides a detailed look into annual threat trends. In particular, he cites:

  • Phishing attacks are 50% more successful on mobile devices
  • 8% of organizations had a mobile device accessing a third-party app store
  • 40% of mobile devices used for work operate with a known vulnerability
  • 1% of devices have confirmed mobile malware

Building an effective mobile security strategy

So what can we do to keep mobile devices safe, especially in a climate where targeted threats are on the rise?

Boynton breaks it down to four steps.

Secure configuration management

He recommends leveraging built-in security features like:

  • Secure app distribution and notarization
  • Malware monitoring lockdown mode
  • Rapid security response patch program

With Jamf Trust, admins can build on these protections and notify the user when their device has an out-of-date operating system, for example. Boynton shows a demo of what this looks like on an iPhone. Jamf can alert users to vulnerabilities on their device and take appropriate action.

The Jamf Security Cloud, a part of Jamf Protect, helps admins visualize and act upon vulnerabilities in their device fleet. With real-time CVE ratings, admins can prioritize security fixes based on their potential impact.

Attack prevention

Next, Boynton discusses attack prevention, particularly:

  • Preventing web-based threats like phishing, spam and cryptojacking.
  • Blocking access to resources if malware is detected on a device
  • Using automatic remediation workflows

He shows a demo of Jamf Trust notifying the end user that they clicked on a phishing link and that it was blocked. Jamf blocks known phishing sites by checking for them in a database; undiscovered sites are blocked with machine learning by looking at certain criteria. Jamf Trust removing work applications after malware is detected is shown as well.

Secure access to data

Cloud and SaaS software is accessible everywhere — authentication into these tools matters for security. Boynton recommends Zero Trust Network Access (ZTNA) per-app VPN to isolate this software from the internet as much as possible.

Jamf can also enforce data loss prevention rules, like restricting copy/paste to or from certain apps.

Hunt new threats

Looking for new threats can be difficult — Jamf Executive Threat Protection makes it easier. Admins can look for anomalies, suspicious behavior or known indicators of compromise to spot problems and act upon them.

Complete mobile security with Jamf

Boynton provides a helpful analogy, comparing a mobile device to his well-defended house to illustrate how Jamf products work together to secure a device.

Jamf Pro, like the brick walls, a gate and a solid front door, give a secure foundation.

Jamf Protect, like locks, a guard dog and barbed wire, defend from attacks.

Jamf Connect, like a video doorbell, helps you make sure you know the person trying to enter.

Jamf Executive Threat Protection, like an alarm system, lets you know when someone has infiltrated.