Top 5 Facts You Need to Know About Mobile Antivirus & Security
Since its inception, “antivirus” has been the shorthand term for solutions designed to prevent cyberattacks against endpoints, from laptops to servers. On traditional endpoints (e.g., Windows, Linux), this term has been fairly accurate, since “viruses” (or their related cousins like worms, remote access trojans, etc.) were the primary threats. On those operating systems, applications have been allowed to interact with other applications. While this was useful for security applications like antivirus, because they could neutralize or remove malicious applications, it also meant that malicious applications could move laterally into other applications to create havoc and avoid detection.
The majority of “endpoints” accessing corporate data and networks are now mobile devices. As a result, the shorthand some use to describe the needed endpoint protection is “mobile antivirus”. Is the term correct, or should it be a broader term such as “mobile security” or Gartner’s “mobile threat defense”? For simplicity, we will refer to these solutions as “mobile antivirus”. Regardless of terms, here are the top five facts security professionals need to know about mobile antivirus.

FACT #2: Mobile malware is the least of your concerns
Although the term “mobile antivirus” harks back to “viruses” and other apps, mobile malware is not a major issue for enterprises for two primary reasons: containers and efficiency. As mentioned before, mobile apps are in containers. Since apps cannot interact with other apps, mobile malware is largely used for fraud against owners of that app or potentially as a delivery mechanism for a complete device compromise (Fact #5). Then there is efficiency… If a hacker is attacking a specific organization, there are far more efficient ways (wait for Facts #3 & 4) to do so than a container-constrained app.

FACT #4: Network threats begin most enterprise attacks
Zimperium research has shown that 80-90% of all targeted mobile attacks against an organization begin with a network attack. Rather than dropping an app in the App Store or Play Store and hoping someone from the targeted organization will download it (and then having to break out of the app container), it is far more efficient for an attacker to set up a false WiFi network (a.k.a. “rogue access point”) or carry out a man-in-the-middle (MITM) attack in a place where he knows the employees are.
Mobile antivirus solutions must be able to detect these network-based threats and must also keep functioning while one is occurring. As a practical matter, that means all detection must occur on-device and not rely on a cloud. Once an attacker controls the network, he will immediately terminate access to any cloud-based mobile antivirus solution, rendering that solution useless.
Fortunately, there is a solution:
The world’s leading mobile security solution, Zimperium Mobile Threat Defense (MTD), was designed to protect enterprises against the threats included in these facts. Only Zimperium MTD protects against device, network, phishing and app risks and attacks in real-time, on-device.