Every year Gartner publishes more than 100 “Hype Cycles” for buyers of technology which are refreshed and published every July because the third quarter is typically a planning quarter for technology buyers. Zimperium, the global leader in mobile device and app security, is a part of several Hype Cycles, including:
- Hype Cycle for Frontline Worker Technologies, 2020 (July 7, 2020; Leif-Olof Wallin and Rob Smith) – A frontline worker’s job tasks are often drastically different than those of a desk-based worker, requiring different and optimized solutions. I&O leaders responsible for mobility for frontline workers should evaluate the technologies in this Hype Cycle.
- Hype Cycle for Privacy, 2020 (July 23, 2020; Bart Willemson and Bernard Woo) – Security and risk management leaders managing technology, information and resilience risk must consider privacy a top priority. Laws and privacy-preserving technologies that protect business value and build trust with individuals are covered in depth to support prioritization of risk and investment.
- Hype Cycle for Application Security, 2020 (July 27, 2020; Mark Horvath) – Today’s pace of application development is continuously accelerating, giving way to complex, interconnected software systems. Security and risk management leaders need to adopt innovations in the application security space to handle the growing complexity.
Each report provides thorough analysis and is a great source of research. Today, I’d like to talk a little about Gartner’s Hype Cycle for Endpoint Security, 2020 (July 15th 2020; Dionisio Zumerle and Rob Smith) which tracks the innovations that aid security leaders in protecting their enterprise endpoints from attacks and breaches. Security leaders are asked to protect endpoints from attacks, while also allowing access from any device to any application over any network, with minimal impact on user experience.
From a mobile security perspective, the comprehensive report provides many compelling insights. I’d like to examine two points:
- “Increasingly mobile devices are involved in advanced attacks, sometimes as part of a broader attack. For example, mobile phishing attacks can obtain account credentials that an attacker can reuse against an enterprise API, or on a corporate laptop.
- “Because of the current lack of visibility on mobile devices, most organizations never identify these portions of the attack. MTD (mobile threat defense) solutions, stand-alone or as part of a broader EDR (endpoint detection and response) or UES (unified endpoint security) deployment, can improve detection of attacks against enterprises.
In our blog – The Ultimate Endpoint – we discuss how mobile security is one of, if not the single most important facet of enterprise security being overlooked or under-supported, therefore posing a massive threat to organizations. While every security team has defense-in-depth solutions protecting desktops and laptops, there is no such depth of protection for mobile devices.
We know an endpoint is an endpoint is an endpoint and enterprises must protect those endpoints – laptops, desktops, mobile devices – that have access to, and/or contain corporate data.
The reality is, 60 percent of a typical enterprise’s endpoints are mobile devices, and they are unprotected. Another reality is, there are several things an enterprise must consider when looking to protect its endpoints:
- Mobile device management (MDM) products, virtual private networks (VPN), and multi-factor authentication (MFA), do not protect your device from phishing, network, OS/device, or mobile application vulnerabilities and zero-day threats;
- MTD offerings exclusively dependent on a “cloud connection” are inherently sub-standard for continuous protection;
- On-device and always-on is the only path for enabling zero-trust mobile operations;
- With smaller screens, and less space to identify troublesome URLs, phishing detection and prevention is particularly important for mobile;
- Enterprises require robust administration consoles and features that looks at all the endpoints; and
- Protecting mobile applications is integral to the overall security of the mobile device.
To learn more
To learn more about how Zimperium can protect your enterprises’ mobile devices, please contact us.