Imagine finding out your most recent departmental budget was only 40% of what it should be. If you’re like me, you’d get a strong feeling that “something is missing and it’s a real disaster.”
Well, here’s the thing. If you’re a CISO – or if your job involves information security in general – you should be getting that exact feeling right this minute. Because most businesses only secure 40% of their endpoints.
Clearly, no one thinks that 40% is good enough – whether it’s your budget or your endpoint protection strategy. So why would an otherwise buttoned-up, well-run enterprise security organization pursue a strategy that fails to protect 60% of their endpoints?
The problem, in a word, is mobile. Enterprises have had decades to plan, implement and iteratively refine robust management and security solutions for traditional endpoints like desktops and laptops. But mobile devices transformed almost overnight from a nice-to-have luxury into the single most critical endpoint in the enterprise for employee productivity, connectivity and collaboration.
Today, enterprises are still struggling to get their arms around protection for mobile devices. That struggle results in part from the vast difference between mobile threat defense and traditional threat defense. Unlike desktop PCs:
Bad actors recognize that mobile endpoints are a relatively easy target. By September 2020, we had already recorded more mobile app breaches, failures, and data leaks than all of 2019.
Every day, Zimperium detects 600 million threat events involving enterprise mobile devices. Essentially, all the methods and strategies hackers use on traditional endpoints apply to mobile devices.
Even aside from inadequate protection, mobile devices have inherent characteristics creating a larger attack surface than traditional endpoints. Cybercriminals can attack mobile devices from multiple vectors.
All of this is to say that the endpoint security problem itself is huge. But the bigger picture is that when your endpoint security is compromised, all your information security is compromised. If 60% of your endpoints lack adequate management and security, you cannot succeed with security frameworks such as zero trust. But this is not to say that protecting mobile devices is a hopeless cause. Rather, it just requires a different approach.
I mentioned earlier that EPP and EDR solutions are ineffective on mobile devices. The reasons for that are complex. For example, the kernels in mobile OSs such as Android, iOS and ChromeOS are locked down. And since EPP and EDR rely on kernel access, they are blind and ineffective on mobile.
They have no ability to detect risky or malicious networks, and cloud-based detection can easily be disabled by network attackers. They can’t even assess privacy and security risks in legitimate (non-malicious) mobile apps.
Mobile endpoints therefore require a new security approach. Gartner calls this new class of solutions mobile threat defense, or MTD. As the global leader in mobile threat defense protecting millions of enterprise mobile endpoints around the world, Cyber Armors’s MTD solution uniquely has the characteristics required for successful MTD:
The Zimperium platform leverages our machine learning-based engine – z9 – to protect mobile data, apps and sessions against device compromises, network attacks, phishing attempts and malicious apps. Our solutions include zIPS which runs locally on any mobile device and detects cyberattacks without a connection to the cloud and our first-of-its-kind Mobile Application Protection Suite (MAPS), a comprehensive solution that helps organizations protect their mobile apps throughout their entire life cycle.
MAPS is comprised of three solutions: zScan, which helps organizations discover and fix compliance, privacy, and security issues; zShield, which hardens the app through obfuscation and anti-tampering; and zDefend (formerly zIAP), an SDK embedded in apps to help detect and defend against device, network, phishing and malicious app attacks while the app is in use.
If you’d like to get past the 40% mark and move to 100% endpoint protection, please feel free to reach out to me directly or to anyone at Cyber Armors. We are here to help.