In the current political climate and with the volume of cyber attacks on Australian organisations increasing, surely every corporate in Australia is currently reviewing its cyber security defences.
One subject that keeps being raised with MobileCorp around mobile security is whether having an EMM solution, like VMware Workspace One, or Microsoft Intune, or Jamf, is sufficient to defend against cyber attack.
Here are the top four questions we are being asked....and responses by MobileCorp CTO, Phill McSherry.
The short answer is no. EMMs are primarily a device configuration system, with security focused on restricting what the end user can do on the device rather than providing threat detection. EMMs that do have the ability to perform content filtering on websites rely on an administrator to continuously maintain a blacklist or whitelist of sites that they must curate themselves.
While this varies depending on the EMM environment and the devices enrolled, generally EMM security falls under the following:
MTD can scan and protect against malicious apps, crypto jacking, man in the middle attacks, and block phishing websites, malware traffic and spam websites. They can also detect and protect against app and web data leakage, zero day phishing attacks, as well as dynamically filter web content.
When people ask me this question I usually ask them two in return?
If so, why would you not extend the same protection to mobile devices that are part of your network?
When employees are using a corporate device they assume the company has taken security precautions. If employees are aware that the company is managing the device using EMM, they are even more likely to assume it is secure and they do not need to worry.
Employees are increasingly completing more and more of their work on mobile devices. Some roles - the road warriors in sales and field force staff - are completing the majority of their work on mobile, or would like to be.
A lot of apps on mobile devices have credentials stored in them. These apps generally pass through those credentials to a website and that is where threat detection comes in. A mobile threat defence solution scans those apps, and the traffic from them looking for vulnerabilities.
An example would be an employee receiving an email purporting to be from their bank and clicking through to a fake website. A Mobile Threat Defence solution would stop the employee from going to website or delivers a warning - depending on how the MTD has been set up. An EMM solution won't do that unless the administrator has specifically manually blocked that particular website.
Another example would be if a banking app is leaking data or an app is scraping passwords, MTD will detect that whereas EMM is not even looking for it.
Many MTD solutions have been designed to work in tandem with EMM solutions, integrating the strengths of multi-level visibility with a sophisticated array of tools to control and adjust devices. With the combined power of both technologies, new insights on the security and status of every device can be surfaced at the device, application, infrastructure or data level. These insights can then be responded to using the functionality of either platform.
Examples:
Learn more about Mobile Security solutions
Learn more about EMM
MobileCorp is an enterprise ICT solutions company with a mission to deliver our customers a communications technology edge. At MobileCorp we believe in being at the forefront of ICT technology shifts so that we can bring trusted insights and innovative solutions to our customers.
We provide Managed Mobility Services, Enterprise Mobility Management, Complex Data and IP Networks, and Unified Communication solutions. We have a proven track record providing managed services for Australian enterprise and business, and are a Telstra Platinum Partner.