Mobile Device Security for Pharmaceutical Companies

Mobile Threat Defense

Request a Demo


The pharmaceutical industry has generally excelled at physical security, as locking down access to secure research labs, clinical trials and manufacturing / formulation operations are critical to reduced risk and positive results.

Mobile device access to company data, and mobile apps to serve customers, give pharma teams more agility and responsiveness to meet the needs of doctors and patients. Therefore, drug companies must now focus on mobile security to prevent the theft or malicious use of sensitive patient data, drug development R&D, high value IP, operations and legal information. Mobile devices have become the prime threat surface for cybercriminals and industrial espionage.

A strong mobile threat defense posture is a requirement for survival against cyberattacks and the severe losses and damages they can cause any pharmaceutical business.

Download Whitepaper
Mobile Malware
“Mobile malware has not been an issue in the eyes of enterprises so far. However, mobile attacks (Pegasus, XcodeGhost) and vulnerabilities (Stagefright, Heartbleed) are increasing in terms of both number and pragmatism. Enterprises are now looking for solutions that can enhance their mobile security posture. Mobile threat defense (MTD) solutions combine signature-based checks with behavioral anomaly detection on the device, network and app layer.”

Gartner Predicts 2017: Endpoint and Mobile Security, Analyst(s): John Girard | Dionisio Zumerle | Brian Reed | Peter Firstbrook | Bart Willemsen, 16 November 2016


The proprietary intellectual property, patient data and legal documents flowing through a pharma company have very high potential value for cybercriminals and industrial spies. Trade secrets in this arena can impact multi-million dollar revenue streams.

Researchers, executives and business reps of pharma companies are increasingly relying on mobile devices for both work and personal use, and employees may be accessing company data outside the office to stay productive. Even if corporate IT tries to lock down device usage, security in a world of connected smartphones, tablets and IoT devices, in labs and in the field, cannot be entirely assured by conventional methods.

Hackers use device, network and application (“DNA”) vulnerabilities and attacks to steal intellectual property, copy proprietary production methodologies, undermine patient privacy, and cause legal problems for pharmaceutical companies. These mobile threats include conventional cyberattacks such as email phishing, fake customer support phone calls and SMS messages with malware download links, as well as more advanced methods, including rogue Wi-Fi networks, malware delivery, ransomware, and taking control of any devices that are connected to the Internet.

Protecting employee devices

Employees who are using company-issued devices, or their own devices in a bring-your-own-device (BYOD) scenario, may not keep their devices updated or be aware of high-risk behaviors such as attaching to unknown Wi-Fi networks, downloading malware by clicking on an unknown link or site, or something as simple as letting a child download apps or play on the phone while traveling.

Mobile devices have some security features built-in, but new “DNA attack” vulnerabilities are discovered every day, and new Android and iOS updates are constantly posted. There are also privacy policies and regulations on security management and legal documentation on how much control a corporation can have over an employee’s device and the data on it.

Rogue networks and spy devices

Securing the company’s corporate and laboratory networks may not be enough to prevent new forms of network attacks. Hackers can set up a fake “Free Wi-Fi” access point to lure employees and visitors to connect, then act as a Man-in-the-Middle (MITM) to capture private data, compromise devices or take control of devices to operate them remotely.

Additionally, devices categorized as IoT (Internet of Things) and other mobile-ready technologies you find in the enterprise like NFC location sensors, control and security camera apps, production controls and readers and you realize there is a broad threat landscape. Once a device is compromised, any device on the network can continue to siphon data out of the company, and sabotage operations with malicious code or malware.

Apps need security too

Pharma companies are starting to find promising results by using mobile apps to better serve patients and physicians. These apps can offer prescriptive advice, medication reminders and other health management tools, as well as facilitating real-time interaction and feedback in clinical trials.

Apps themselves may be an attack vector for data theft, device takeover and unwanted spyware interference. Even if a pharma company does not offer an app, hackers can entice customers to download or log in to a fake version of a drug-branded app, which can steal a customer’s PHI data and more.

Pharmaceutical companies bear a high degree of liability if any form of mobile cyberattack compromises research, production or patient data, with consequences including losing compliance status, legal battles, money and brand reputation.

Mobile clinical app malware

Mobile clinical trial drug app for patients — Private HIPAA medical data stolen by hackers and sold on dark web

Mobile MITM malware

Device on business/sales rep in doctor's office connected to MITM over rogue Wi-Fi in Dr. Office. Steals payment account and product information

Sensitive IP mobile malware

Lab researcher device compromised by malware “maintenance download” app gathers sensitive IP by taking control of the camera and microphone


Pharma companies can deploy Zimperium’s world-class mobile threat defense (MTD) platform to detect and resolve advanced cyberattacks at all of the exposed mobile touchpoints in the enterprise. With very little effort, security and development teams gain on-device and in-app protection from cyberattacks, with real-time visibility into the mobile threat landscape that may impact their R&D and field operations.

On-device protection made easy

With a simple install, Zimperium’s zIPS™ app runs directly on the device to provide real-time mobile threat detection and defense for Android and iOS mobile devices against device-level intrusion, network-based (or MITM) attacks, and unwanted application installs and malware. Pharmaceutical InfoSec or administrative teams can pre-install zIPS™ on corporate-issued user devices, and BYOD employees or authorized users can simply download and install the app from trusted stores (Apple App Store or Google Play).

Real-time network and spyware threat detection engine

Whether the Zimperium MTD platform is running as a standalone security app, or embedded within a custom app, the mobile device gains real-time awareness to known and unknown threat behaviors. The user can be immediately alerted to mobile threats and can resolve them locally, and have forensics sent to the pharma company’s security team. Zimperium’s z9 engine automatically detects and remediates issues on-device rather than requiring an Internet connection, admin privileges or tunneling out to a cloud service.

This approach to threat detection keeps employee and patient data secure on the device and legally compliant, without impacting performance. Threats at the device, network, and app level are reported to your company’s InfoSec team for tracking without compromising privacy regulations.

In-App Threat Protection and SDK

Pharma or partner companies can embed cybersecurity directly into the apps you deliver for customers and employees with Zimperium’s zIAP™ (In-App Protection) solution. This innovative SDK allows developers to immunize mobile apps with world-class security in minutes to help prevent data breaches and mobile fraud. zIAP™ is completely configurable by developers to detect and remediate threats to a device, including detection of suspicious user behaviors, network attacks and interference from other apps.

Self-protecting apps equipped with zIAP™ are alerted via API to take immediate action according to the policies set by the app publisher or developer. Enable your app to report fraudulent activity, observe if another app is making unauthorized requests or unwanted downloads, shut down a user session, run in read-only mode, delete cache or force a password reset to protect data when threats are detected.

Contact Us to Begin an Evaluation