Mobile device management and mobile threat detection are the two most common types of mobile security solutions and offer complementary features. This article summarizes the two types of technologies and why both of them are important in defending mobile devices from digital threats.
As mobile devices have become ubiquitous, employees are increasingly using them for work as well as personal activities. They use their mobile phones and tablets to read emails, share files, access client information, use mobile applications (work and personal), and video chat with colleagues.
While mobile devices improve employee productivity, they also pose a security risk. Mobile devices face numerous security threats, including:
Mobile device management (MDM) and mobile threat detection (MTD) solutions provide security for mobile devices, but use different, and complementary, techniques. Both MTD and MDM operate with a client app on the mobile device and a server- or cloud-based management application.
Below are the features of each type of mobile security solution:
Mobile device management provides basic security management of the device and enforces security policies. Some of the core functions of mobile device management are:
Mobile threat detection products focus on network- and behavior-based threats. For instance, an MTD solution can detect man-in-the-middle attacks over Wi-Fi or identify suspicious device behavior. MTD is designed to detect malware and potentially harmful mobile applications as well as mobile phishing attacks. It can also remediate issues in a variety of ways, including the termination of a connection if it identifies a problem. At a more technical level, a mobile threat detection solution can:
Together, MTD and MDM solutions provide strong security for mobile devices and the network and applications that they access.
Employees often use their own devices to access work applications and data. To make matters worse, employees may also use these unsecured devices over public wireless networks. This combination puts an organization’s network and data at risk of malware infection and data breaches.
Privacy concerns are one reason employers may not include employee devices in an organization’s security management program. However, most MDM and MTD solutions can separate the work applications and data of a mobile device from the personal side. With this separation in place, there is less risk of infringing on employee privacy.
This division is accomplished through user roles or personas that define the user’s access privileges to work applications and data. For example, a C-level executive persona may provide one set of privileges and application access, while personas for payroll managers, marketing specialists, and salespeople may provide different access rights and resources. Personas operate either in containers—lightweight environments that share the device’s operating system and resources—or in virtual machines that split the device’s resources in half and may run different operating systems. An IT department can create and manage a work persona on one side of the device while leaving the other side for personal activities. When an employee leaves an organization, IT can wipe the work persona clean without affecting other content or settings.
In addition to implementing MTD and MDM security solutions, organizations can improve the security of their mobile devices by following these best practices:
While mobile devices will continue to be a target of cyberattacks, IT organizations can significantly reduce their risk by implementing mobile device security through good security practices and up-to-date security software. A combination of mobile threat detection and mobile device management provides maximum protection for data and applications while giving employees the benefits of mobile devices.