Skip to main content
Site Search
  1. Home
  2. Blog
  3. Moving Target: The Evolving Risks of Enterprise Mobility Recap

Moving Target: The Evolving Risks of Enterprise Mobility Recap

Join Jamf and SASIG as we present “Moving Target: The Evolving Risks of Enterprise Mobility.” The webinar highlights the security risks prevalent in organizations that utilize mobile devices. Also, we discuss the challenges to safeguarding devices, users, and business apps, as well as provide key strategies to integrate mobile into your security stack.

December 11 2024 by

Jesus Vigo

Jamf helps you manage and secure Apple in the enterprise.

Recently, Jamf and SASIG sponsored a webinar titled “Moving Target: The Evolving Risks of Enterprise Mobility.” Jamf’s very own Dr. Michael Covington, VP of Portfolio Strategy, presented in a one-hour session with accompanying Q&A regarding the increasing risk unsecured mobile devices pose to the enterprise.

Dr. Covington covered critical topics that affect organizational security postures, such as:

  • Risks mobile-first organizations face when empowering workers with mobile access to critical apps
  • Mobile use cases, including BYOD and policies to protect the mobile workforce
  • Best practices for incorporating mobile devices into the overall endpoint strategy

In this blog, we recap several salient points introduced during the webinar, providing just enough to whet your appetite for the main course.

Skip the appetizer and get right to the entree.

Watch Now

Misconfigured devices silently introduce risk

Did you know: “In 2023, 25% of organizations had at least one user with lock screen disabled.

The stat above comes by way of the Jamf Security 360: Annual Trends Report 2024, which means that business data stored on affected devices was not encrypted. Not only does that leave sensitive and confidential data unprotected, but in the event that a device is compromised, lost or stolen by a threat actor, the data is accessible to anyone with physical or remote access to the unsecured endpoint.

While this percentage may not appear like a large number at the outset, when considered alongside compliance requirements, this poses a considerable impact not only on endpoint security but also on businesses’ ability to comply with federal and/or regional laws in regulated industries.

Prevention > Remediation

As Dr. Covington discusses in greater detail within the webinar, effective security management requires a layered approach to provide comprehensive protection across your security stack. This is unscored by the Mobile Security Requirements, a method of establishing a framework to identify and prioritize your organization’s mobile priorities.

  1. Security Config
    1. Manage OS and App vulnerabilities
    2. Audit for compliance
    3. Prevent data loss
  2. Resource Access
    1. Control application access
    2. Protect data in transit
    3. Implement risk-aware access
  3. Attack Prevention
    1. Detect malware
    2. Prevent malicious network activity
    3. Neutralize phishing attacks
  4. Threat Hunting
    1. Collect telemetry
    2. Perform IOC analysis
    3. Identify spyware

At each level, combined with their respective subtasks, IT and Security teams utilize best-of-breed management and security solutions to perform the tasks that manage vulnerabilities, apply patches, vet apps, establish and maintain secure baselines, and enforce acceptable use and data policies on mobile devices to prevent threats and mitigate attacks beforethey can evolve into data breaches.

Find malware before it gets your endpoints

One critical facet of cybersecurity that is sometimes overlooked is threat hunting. This requires experienced security professionals with a deep understanding of hardware and software, as well as the ability to meticulously scan code to identify threats that may be dormant or otherwise go undetected within your enterprise.

Part art, part science, threat hunting is not only crucial to keeping your organization free from threats but, when paired with the proper tooling, can significantly aid researchers in stopping sophisticated threats deployed by bad actors to compromise endpoints, business apps and sensitive data.

Dr. Covington explains how comprehensive solutions, like Jamf Trusted Access, provide tight-knit, secure integration between Mobile Device Management, Identity and Access, and Endpoint Security to holistically support mobile devices within your security stack across their lifecycle.

Trusted Access provides the tooling necessary to address the challenges of the modern threat landscape by providing a means to build upon the Mobile Security Requirements framework. The integrated solution provides organizations with the ability to:

  • Enroll mobile devices, company-owned and BYO, using zero-touch so that endpoints are secured out of the box
  • Automate deployment of secure configurations and settings to all mobile devices across your network
  • Secure endpoints with real-time monitoring of mobile device telemetry, alerting admins if anomalies are detected
  • Prevent known threats and protect against unknown threats with baselines and behavioral analytics
  • Identify users authenticating to endpoints, protecting credentials against compromise by implementing multiple safeguards
  • Access protection through Zero Trust Network Access keeps network connections secure while context-aware policies enforce compliance

Dig into the main course!

Watch Now
Tags: