Enterprise Mobile Device Security: Preventing Malicious Applications

By Rich Campagna, Subbu Iyer, Ashwin Krishnan, Mark Bauhaus

Malicious applications can do tremendous damage to the infected mobile device, but for the enterprise they also represent a clear security breach of corporate assets. Preventing this type of intrusion is critical, but it comes at a cost. Keep in mind that intrusion prevention is computation-intensive: it takes processing power and (you guessed it) battery power.

From a hacker’s point of view, a mobile device presents a target far more fertile and wide-reaching than what a traditional desktop environment provides. Why? One primary reason — the app store. Thanks to Apple’s revolutionary, easy way to download free and cheap apps, apps proliferate for every type of device. With hundreds of thousands of applications available to your employees, it’s no wonder they constantly experiment.


“New” does not necessarily mean “good.” Some applications are written with the same rigor as traditional desktop applications, but most are written with the express intent of getting a quick return on investment. Bottom line: Their creators tend to circumvent good programming techniques, which makes them vulnerable to attack.

But wait, there’s more: these applications, vulnerabilities and all, could also have widespread access to your employees’ data stored on the devices (contacts, messages, location, photos, and so on). An attacker could compromise that data as well — and compound the trouble.

The familiar patterns of attack reassert themselves. One application that was sold as a simple wallpaper program also sent stored telephone numbers to a Chinese server; malicious Trojan horses have turned up in gaming applications. One hack forced phones to make long-distance international calls, so the phone owner was then heavily charged for the “privilege” of being hacked.

When you’re responsible for a device in the enterprise, you also have to account for all the applications, data, and security posture that go along with the device. The application explosion matters here because it is also an explosion in potential device vulnerability; by extension, any data that a device’s apps can access is vulnerable as well.

So what can you do to prevent this? The odds are stacked against you — users will experiment with new apps, and malware developers will flock to generate nefarious apps that threaten to expose data, become part of a botnet, or wreak havoc on other devices. Your best tools for prevention are education and communication. Constantly and consistently communicate about the need for users to employ good judgment when downloading apps. Users should follow these practices:

  • Avoid downloading apps created by unknown individuals.

  • Check the ratings and feedback that other users have provided for an app before downloading it.

  • If the apparent value that an app touts sounds too good to be true, then it probably is. Avoid these apps at all costs.

After you pick your on-device firewall vendor, check whether the vendor also provides outbound monitoring. Outbound monitoring can reveal anomalous behavior on the mobile device, which in turn can provide insight into errant applications.