Mobile Security is Endpoint Security
The most unprotected and largest security gap in your organization
Mobile Security Issues for CISOs
The most dispersed and difficult security challenge for CISOs is ensuring that the thousands of endpoints in their organization are secure. Laptops created an enormous boost to productivity but came with security risks. Just as security professionals solved the problem, an entirely new endpoint arrived, bringing some threats that were similar and others that were entirely new and different, which increased organizational risk. This new endpoint came in the form of a phone or tablet and had access to, or contained, the same information as traditional laptop or desktop endpoints. Today, roughly 60% of an organization’s endpoints are mobile, with very little if any security. You wouldn’t consider leaving laptop/desktop computers unprotected, yet thousands of mobile devices accessing organization information do so with little security.
As it turns out, there are 7 primary security issues CISOs face with mobile endpoints. The first three are similar to traditional endpoints (but need to be secured differently) and four are unique to mobile:
1. Corporate email
2. Corporate apps
4. Microphone / camera
5. Executive locations / calendars / contacts
6. Entry point to network
7. Username / passwords
How Are Organizations Attacked via Mobile?
Zimperium has identified the primary ways an attacker will compromise a mobile device to gain access to organizational information or use it as a stepping stone into the network. We call these attack vectors "Mobile Menaces".
1. OS Exploit: The most serious and impactful attack. OS exploits target old or vulnerable mobile device operating systems. Updated devices are more resistant to attack but not completely safe and can still be vulnerable to zero-day attacks.
2. Rogue Profile: This often comes in on the back of another app (like a VPN app) installing various escalated rights and permissions.
3. Phishing: This attack is disguised as something legitimate like an email, SMS, or application and often appears to come from a friend, a business you often work with (like a bank), etc. Once you activate the phish, various attacks can be launched.
4. Bad Wi-Fi: A bad Wi-Fi, also called rogue Wi-Fi or rogue access point, looks like a legitimate Wi-Fi but is actually controlled by the attacker. Once a device connects to the bad Wi-Fi, the attacker can monitor and direct traffic at their discretion, which often leads to an exploit being delivered to compromise the device.
5. Man in the Middle: Often abbreviated as MiTM, this attack inserts itself between the mobile device and the intended destination. The attack uses something familiar (like a website or online banking) as it sits in the middle with the user not knowing they are being attacked.
6. Malicious App: These are apps that often look like a normal app (like a flashlight app) but behind the scenes are stealing information.
How to Secure Mobile Devices
There is no question mobile devices represent a significant security risk to an organization. The question is what can be done to reduce that risk across the 60% of an organization’s endpoints that are mobile.
A mobile endpoint security solution must be able to:
1. Detect device compromise
2. Analyze all apps for leaky/malicious behavior
3. Block surveillance or traffic interception
4. Prevent unauthorized camera/mic access
5. Stop phishing attempts
6. Ensure end user privacy