There is a new threat to enterprise mobility security and it sounds a little James Bond-esque. At Blackhat Europe last week Daniel Brodie, Senior Security Researcher at the Israeli security company Lacoon Security, and Michael Shaulov, CEO and co-founder of the company warned crowds of new threats to enterprise security they refer to as “spyphones”. The two speakers pointed out that companies are adopting Mobile Device Management (MDM) solutions to help protect corporate data in an age of growing enterprise mobility, but those companies need to understand that MDM solutions do not entirely secure devices and corporate data. Especially with the rise of new threats like spyphones and the way they go about attacking corporate data and information.
MDM solutions secure devices and data by setting up containers to separate personal and corporate information allowing for different security protocols and security to be applied to each container. The ability that MDM brings to remotely lock/wipe data and the phones in case of a lost or stolen device is helpful in securing data as well. However, most MDM solutions can apparently be circumvented by planting surveillance tools on a device without user knowledge, turning it into a spyphone, according to Brodie.
These surveillance tools can be used for “recording confidential phone calls and board meetings, tracking locations, extracting call logs as well as text messages and voice memos, and snooping on corporate emails and application data” writes InfoWorld. How are these surveillance tools making their way onto smartphones and circumventing MDM solution capabilities though? While it varies across different OSes smartphones can become spyphones essentially through the download of applications presented by attackers. Once applications are downloaded hidden binary can be installed, devices can be jail broken and erasing all jail break sources can be done to eliminate all signs that a device has been corrupted.
Despite these new forms of attack Brodie and Shaulov do state that MDM still serves a purpose in the enterprise. InfoWorld writes, “This however doesn’t mean that MDMs are not useful. They are useful for separating personal and business data and also can be very useful when use for remote-wipe operations, the researchers said.” So MDM does have its place in the enterprise and it is a solution that should be put into place but IT should continue to look at emerging threats and continue to adapt the security policies to these new threats. Click here to read more detail on how smartphones can become spyphones from InfoWorld.