With
use of smartphones and tablets on the rise and sales of traditional PCs on the
decline, attacks on mobile devices are maturing, says IT research and advisory
firm Gartner Inc.
By
2017, the focus of endpoint breaches will shift to tablets and smartphones.
And, according to Gartner,
75 percent of mobile security breaches will be the result of mobile application
misconfiguration and misuse.
Common
examples of misuse are “jailbreaking” on iOS devices and “rooting” on Android
devices. These procedures allow users to access certain device resources that
are normally unavailable — and remove app-specific protections and the safe
"sandbox" provided by the operating system, putting data at risk.
Jailbreaking
and rooting can also allow malware to be downloaded to the device, enabling
malicious exploits that include extraction of enterprise data. These mobile
devices also become prone to brute force attacks on passcodes.
According
to Dionisio Zumerle, principal research analyst at Gartner, a classic example
of misconfiguration is improper use of personal cloud services through apps
residing on smartphones and tablets. “When used to convey enterprise data,
these apps lead to data leaks that the organization remains unaware of for the
majority of devices," he said.
The
best defense for an enterprise is to keep mobile devices fixed in a safe
configuration by means of a mobile device management policy, supplemented by
app shielding and "containers" that protect important data.
Gartner recommends
that IT security leaders follow an MDM/enterprise mobility management baseline
for Android and Apple devices as follows: ask users to opt in to basic
enterprise policies, and be prepared to revoke access controls in the event of
changes.
Users who are not
able to bring their devices into basic compliance must be denied (or given
extremely limited) access; require that device passcodes include length and
complexity as well as strict retry and timeout standards; specify minimum and
maximum versions of platforms and operating systems. Disallow models that cannot
be updated or supported; enforce a "no jailbreaking/no rooting" rule,
and restrict the use of unapproved third-party app stores.
Devices in violation
should be disconnected from sources of business data, and potentially wiped, depending
on policy choices; and require signed apps and certificates for access to
business email, virtual private networks, Wi-Fi and shielded apps.
IT
security leaders also need to use network access control methods to deny
enterprise connections for devices that exhibit potentially suspicious
activity.
"We
also recommend that they favor mobile app reputation services and establish
external malware control on content before it is delivered to the mobile
device," said Zumerle.
Mobile
security trends will be discussed at the Gartner IT Infrastructure &
Operations Management Summit 2014, June 9–11 in Orlando, Fla.
No comments:
Post a Comment