Feature Article

February 29, 2016

MobileIron Security Report Finds Mix of Lax Security and Sophisticated Attacks in BYOD Environments

MobileIron Security Labs (MISL) recently published a downloadable report on the security of mobile devices within enterprise environments. The Q4 2015 Mobile Security and Risk Review details several security issues that should make any company with a BYOD policy take notice.

MISL is a newly-created division of MobileIron, Inc., a Mountain View California-based company that provides security solutions to manage mobile devices, applications, email, content, and fleet systems.

Fifty-three percent of enterprises in the report had at least one device that was out of compliance with standard policies. Other statistics should be more effective than four-shot espressos at depriving system admins of sleep.

One-third of companies had devices that were missing for a long time; probably lost or stolen. Another common problem came from attempts to circumvent basic security features: 22 percent disabled password or PIN login screens, while five percent removed mobile device management apps. One-fifth of companies had devices with outdated security policies because policy changes failed to transmit to all devices when changed by an admin.

The report alluded to another report by FireEye, which found malware in Apple’s App Store in spite of a review process designed to prevent malicious apps from being listed. Over 4,000 apps were found to be infected with XcodeGhost, malware that leverages an Apple SDK and can escape detection. An iPhone need not be jailbroken in order to be a security threat.

As a provider of enterprise mobile management (EMM) solutions, it is hardly surprising that MISL recommend them, but their reasoning is sound. An EMM solution would detect non-compliant devices and not only block them from accessing the enterprise network, but could also wipe sensitive company data from them.

MISL is also not a fan of blacklisting apps, simply because it is too hard to keep the list up to date. EMM uses containerization to separate company data from personal data. Company data cannot be accessed unless you are accessing it from the ‘container’. This makes it easy to remove the data later when a device goes rogue and protects it from being propagated to other systems through file sync apps.

This was the first report issued by MISL; more will follow on a quarterly basis. The findings demonstrated that while much vulnerability came from failure to follow basic security practices, some breaches are more sophisticated, like XCodeGhost. Perhaps the most important conclusion is one that has been true for decades: never be complacent when it comes to keeping a connected computer system secure. 




Edited by Rory J. Thompson


comments powered by Disqus

FOLLOW MobilityTechzone

Subscribe to MobilityTechzone eNews

MobilityTechzone eNews delivers the latest news impacting technology in the Wireless industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter