The rise of mobile phishing and malicious app threats has recently become abundantly clear. In fact, according to a recent study from Lookout more than 30% of personal and enterprise users are exposed to mobile phishing attacks each quarter. This number is important for people in insurance, banking, legal, and healthcare as they are statistically the most targeted.
The data indicates that bad actors have evolved from making attempts on email alone. Attack methods such as smishing (SMS phishing), quishing (QR phishing, and vishing (voice phishing) are pushing the boundaries of attack methods, and many businesses find themselves struggling to find a solution to the vulnerabilities their employees face on their mobile devices.
Subsequently, the topic of Mobile Threat Management (MTM) as a necessary security layer has become more relevant than ever.
What is MTM (Mobile Threat Management)?
MTM (mobile threat management) is a security solution designed to detect malicious apps that compromise the user’s privacy (e.g. turning on camera and microphone) and detect attempts to compromise security through credential theft and data exfiltration etc.
MTM is different to MDM (mobile device management) and MAM (mobile app management). Click here for an explanation of the 3 layers of the mobile security stack.
What are the capabilities of MTM?
Here are some common capabilities of Mobile Threat Management solutions:
- Malware Detection and Prevention: MTM solutions use various techniques, such as signature-based hash scanning and behavioral analysis, to detect and prevent malware and malicious apps from running on mobile devices.
- Phishing Protection: MTM tools can identify and block phishing attacks, which often target users through malicious emails, SMS messages, or links designed to steal sensitive information.
- App Security: MTM solutions have the ability to assess the security of installed apps, identifying potential vulnerabilities or privacy risks e.g to detect WhatsApps or Chrome etc.App Reputation Analysis to determine the trustworthiness of public and private apps (IPA & APK). Also, detect privacy risks risks from apps that turn on the microphone and camera inappropriately.
- Device Vulnerability Assessment: MTM tools scan devices for known vulnerabilities and security patches that need to be applied. This helps ensure that devices are up to date and protected against known exploits.
- Behavioral Analytics: By monitoring user and device behavior, MTM solutions can identify deviations from normal patterns, indicating potential security incidents or unauthorized access.
- Jailbreak and Root Detection: Detecting whether a device has been jailbroken (iOS) or rooted (Android) is crucial, as such modifications can undermine device security. MTM tools can identify these states and take appropriate action.
- Real-time Threat Detection: MTM solutions continuously monitor device activities and communications, detecting threats in real time and providing alerts or automated responses as necessary.
- Policy Enforcement: Businesses can establish security policies for mobile devices and enforce them through MTM solutions. This can include enforcing strong authentication methods, restricting app installations, and defining access control rules.
- Reporting and Analytics: Comprehensive reporting and analytics from an MTM solution provide insights into device security posture, threat trends, and overall risk assessment, helping organizations make informed security decisions.
Keep in mind that the capabilities of MTM solutions can vary from one provider to another. Businesses should carefully evaluate their mobile security needs and consider factors such as platform support, integration options, and the effectiveness of threat detection and prevention mechanisms when selecting an MTM solution.
How to Use MTM to Protect Your Business:
The layers of a robust mobile security strategy work together to create a security fortress to safeguard company data and user privacy -from multiple attack vectors. Here are some of the fundamentals of MTM to help you get started:
- Device Management: for company-owned devices enabling remote wipes and app restrictions.
- Integrate MDM with your device vendor through Apple Business Manager or Android Enterprise. This adds an additional layer of security at no cost. There will be an immutable association between your devices and MDM server so if a device is stolen and reset, it will always reboot as a company device.
- Apply MAM (mobile application management) policies to protect company data in work apps such as Outlook, Teams and OneDrive.
- Deploy WiFi credentials as part of the MDM profile so that devices auto-attach to WiFi and users don’t need to type their WiFi credentials.
- Certificates – deploy a certificate where technically feasible
- Security Policies: Create clear usage policies and educate employees on mobile security practices with a clear list of do’s and don’ts
- Enforce strong passwords or even better, embrace biometric authentication to become passwordless.
- Threat Detection: deploy mobile threat management agents such as Lookout to detect and mitigate malware, phishing, side-loading, and unauthorized access.
- App Maintenance and Security: Vet app sources, whitelist approved apps, and ensure regular updates.
- Data Protection: Encrypt stored data and apply labels to sensitive information.
- Audits and Updates: Regularly audit security measures, apply patches, and adapt to emerging threats.
- Phish-resistant MFA – deploy an MFA solution that is not vulnerable to MFA booming e.g. number matching
To strengthen your MTM strategy, it is important to stay proactive and be willing to adapt to evolving threats.
Tools for Mobile Threat Management
While there are several tools available for Mobile Threat Management, businesses that have embraced Microsoft E5 have the opportunity to leverage Defender for Endpoint as an MTM solution. Additionally, Lookout has established its brand as a leader in the space and integrates seamlessly in a vast majority of business endpoint ecosystems. Both tools offer sophisticated solutions with dynamic updates to address a fluctuating threat landscape.
If Mobile Threat Management is not already a part of your comprehensive security strategy, it should be in your crosshairs. With a threat landscape that is increasingly targeting mobile devices and apps of users, MTM will enforce your businesses’ security policies and coordinate responses, managing mobile threats across your business.