The SANS Institute’s recent study, Endpoint Protection and Response: a SANS Survey, revealed that only 47% of attacks on mobile devices were detected by antivirus. Though this approach to mobile protection is the most common method to detect an initial threat, it clearly isn’t enough to keep endpoints completely safe. There are tools to facilitate mobile security, but organizations still struggle with this subject. The challenges of mobile protection are many, so what do companies need to do to protect themselves from mobile threats?
To start with, automation can be a big help. Automating endpoint detection and response solutions should be a top priority for IT teams. This will enable IT to place actionable controls around their mobile devices to create a greater mobile security defense. Additionally, it’s crucial to automate and integrate workloads across the detection and response cycle. This is because all endpoint systems are targets for attacks, such as social engineering, ransomware, and web drive-bys.
However, according to the SANS Institute, funding is not focused on predictive technologies and automated response, on the whole. Not only that, but many respondents stated that they had next-gen capabilities which they have not implemented. For example, 49% of respondents have malware-less attack detection, but 38% have not implemented its capabilities. This indicates that though the respondents were able to acquire these tools, they didn’t have the resources to put them into action. This issue points to a few possibilities: organizations have incomplete mobile security strategies, poor leadership, or inadequate project management in terms of tools and processes. To be successful, organizations need to be realistic about their capabilities. If not, they will waste funds and their mobile devices will still be at risk.
Additionally, businesses tend to focus on the attacks they are already aware of, rather than preparing for the unknown. By patching and updating security regularly on vendor-managed devices and appliances, organizations can strengthen their overall security. Without doing so, they will offer cybercriminals extra entry points to their data. A device behind on updates and patches is a serious risk to a business.
The SANS Institute survey states that the top factors impeding mobile security are budget and management support, lack of automation/tool interoperability, and finding the skills required to operate tools. With so many elements to fight against, what are the best ways to improve your mobile security capabilities? The SANS Institute survey shows that the key factors of success are ease of data collection, correlation of data into usable information, skilled operators, and automation/tool interoperability. Without a properly trained staff to operate the security tools, businesses will always struggle with mobile protection.
The end goal of mobile security is to detect, respond to, and contain malware in the shortest average time possible. To meet that objective, organizations must prepare for mobile threats at all levels of operation, particularly in the IT department. A business can have the best automation and detection tools, but they’re useless if the IT team can’t implement them. Consider evaluating what your company and IT team can realistically accomplish and use that information to determine your next course of action in mobile security.
- Gartner Announces Unified Endpoint Management Tools Peer Insights Customers’ Choice Winners - April 22, 2019
- Microsoft Acquires Express Logic to Accelerate IoT Development - April 19, 2019
- Standalone MAM vs. AppConfig MAM: Pros and Cons - April 18, 2019