There are specific requirements for incorporating mobile device usage restrictions, scanning devices for software updates and patches, and conducting operating system (OS) integrity checks as part of an organization's cybersecurity program. A Mobile Threat Defense (MTD) solution provides DIB members with the mobile security capabilities they need to achieve CMMC mobile security compliance.
The CMMC Level 2 Assessment Guide references NIST SP 800-124r2 “Guidelines for Managing the Security of Mobile Devices in the Enterprise” under practice AC.L2-3.1.18. In section 4 “Overview of Mobile Security Technologies,” NIST explains that mobile security technologies have evolved over the past decade and details how these solutions work together to enable robust mobile device security. NIST SP 800-124r2 specifically distinguishes MTD from EMM, MDM, and MAM in section 4.2.3 “Mobile Threat Defense” by outlining the following MTD capabilities:
- Real-time continuous monitoring
- Assessing apps after deployment and during runtime
- Detecting and protecting mobile devices, apps, and end users against attacks via wireless networks
- Detecting attacks against an app or OS software, such as side-loaded apps
- Detecting and alerting users to unexpected interactions among apps or use of data on the device
Organizations Seeking Certification (OSCs) must supplement their management tools (MDMs and MAMs) with an MTD security solution. The CMMC Level 2 Assessment Guide’s “Discussion [NIST 800-171 R2]” references SP 800-124, which specifically defines MTD’s capabilities for augmenting the mobile device security technology stack. MTD is critical for companies seeking CMMC Level 2 Assessments because it ensures comprehensive threat mitigation and provides countermeasures against exploitation of underlying vulnerabilities in devices and against credential theft via phishing.