Overview of Mobile Device Security thru Cloud-based Protections - dummies

Overview of Mobile Device Security thru Cloud-based Protections

By Rich Campagna, Subbu Iyer, Ashwin Krishnan, Mark Bauhaus

Using cloud-based endpoint security is one method of protecting enterprise mobile devices from viruses, malware, spam, and other threats. The actual threat protection happens in the cloud or centralized data center of the endpoint software vendor in this type of deployment. Traffic to and from the mobile devices is redirected on the device to the cloud for malware detection.

Typically, this option includes no client-side software and relies instead on each application to take appropriate action when a threat is detected. For example, content downloaded from websites is inspected in the cloud before it’s delivered to the mobile device browser.

If a threat is detected in the web content, the cloud service indicates so, and the browser displays an appropriate message to the user. Zscaler, ScanSafe (now owned by Cisco), Symantec, and McAfee offer cloud-based mobile security solutions.

If this cloud model of endpoint security is what you need, make sure you analyze the following aspects of the solution:

  • Security between the mobile device and the cloud service: If both Internet traffic and corporate traffic (such as e-mail and intranet browsing) are sent to the cloud, you should make sure that the traffic is flowing over a secure tunnel.

    You don’t want anyone sniffing on the traffic that may carry sensitive data. Be sure to check with the cloud service vendor regarding the security between the mobile device and the cloud service.

  • Latency introduced by the cloud service: If data sent and received by the device hits the cloud service before heading to its destination, make sure that the cloud service is rapid in its response. Otherwise, the user experience on the mobile device will be adversely affected. If the cloud service adds a lot of latency, then the user’s browsing and other application access are slower.

Many cloud-based solutions offer protection against web-based threats for information accessed via web browsers. Mobile devices, however, are not only vulnerable to threats via web browsers but are also susceptible to receiving malicious content via MMS, SMS, or e-mail. Be sure to investigate options that provide holistic device protection for your employees’ mobile devices.