6 questions about Mobile Threat Defense
Published on 03/08/2022 in Solution news
Cyberattacks are also aimed at the smartphones and laptops we use for our work at home. So the need for Mobile Threat Defense (MTD) has never been greater. Bart Callens, cybersecurity expert at Proximus, answers six questions about it.
1. What kinds of threats are mobile devices susceptible to?
“Today it’s primarily mobile phishing, a variant of phishing that focuses specifically on mobile devices. It can be done in various ways: e-mail, SMS, WhatsApp, Messenger, etc. We’re talking about a greater attack surface compared to the standard form of phishing, which works almost exclusively via e-mail and which people are already aware of now. People are still inclined to trust an SMS faster; consider the SMSs that supposedly come from itsme. That’s exactly where the danger of mobile phishing lies.”
Businesses need new strategies and technologies to implement their mobile development with confidence. Read more about building a successful Unified Endpoint Strategy.
2. Do apps themselves also constitute a possible danger?
“We often blindly trust the app stores, but it’s possible to put harmful apps in the app store and so give people a false feeling of security. Connections to public Wi-Fi access points are also a target for hackers, who sometimes trick users with their own malicious Wi-Fi network. So hackers have many more options available than for fixed devices.”
The attack surface for mobile phishing is much greater than for the standard forms of phishing.
Bart Callens, cybersecurity expert at Proximus
3. What is Mobile Threat Defense?
“Mobile Threat Defense, or MTD, is an advanced cybersecurity solution focusing specifically on mobile threats. The way threats arise on mobile devices is very different from fixed devices. For just this reason, they require a specialized cybersecurity solution to detect and eliminate them. Businesses today make a lot of professional applications available via employees’ smartphones, so that the boundary between work and personal life is blurred. That makes it very interesting to hackers. Protection from mobile threats is provided through an MTD app on the end-user’s device and a management portal for the IT or fleet manager.”
4. Do businesses do enough today to secure mobile devices?
“We see that businesses primarily engage in Mobile Device Management. That mainly involves secure network access to the company network, e.g. establishing a secure VPN connection, or securely installing and updating apps on devices. Detection of specific threats and attacks on mobile devices is what MDM solutions don’t do, however.
A Mobile Threat Defense solution is a cybersecurity solution complementary to existing Mobile Device Management solutions
Bart Callens, cybersecurity expert at Proximus
5. Should every business invest in an MTD solution? What risks do they run?
“Businesses are often still reluctant because they believe the benefits don’t outweigh the costs, or because they think they aren’t an interesting target. As long as no critical files or information are on smartphones, people think they are safe. They’re not aware that their company network is vulnerable via employees’ smartphones, because they constitute a stepping-stone for hackers to break into the company network.“
“Spear phishing is a common variant. An employee gets a message from a person that appears to come from within the company, for example the CEO or another high-ranking person within the organization, with an urgent request for information. Using this route, hackers then try to install malware to get complete control over the mobile device. The familiar two-factor authentication also often takes place now via apps on a mobile device, with the danger that hackers get access to critical business applications.
6. People also use company devices in their personal lives. Are these data included under Mobile Threat Defense?
“A good MTD solution offers many possibilities for defining privacy settings. You can choose which data are forwarded to the central management platform. So, for example, you can turn off retention of location data completely or set it gradually. This is made transparent to the users of the mobile devices within the MTD app.”
Managing and securing mobile devices is a necessity for allowing your employees to safely conduct mobile work.
Bart Callens is a cybersecurity expert and product manager at Proximus.
One
One magazine is the Proximus B2B magazine for CIOs and IT professionals in large and medium-sized organisations.