When it comes to security, mobile devices pose a unique set of challenges. With the number of connected devices growing exponentially, the battle to protect information becomes more complex than ever. As capabilities of smart devices increase, so too does the number of ways to exploit vulnerable data.
As Phil Buckellew, VP of enterprise mobile at IBM puts it: ”Mobile devices are constantly connecting to un-secure networks, installing numerous unknown apps, and the lines between corporate and personal information are blurring. This leads to thousands of devices, which can become hard to securely manage.”
In the fight to keep your information safe, intelligence is key. That’s why many companies have begun using analytics for mobile security. Threats can come from malicious apps or websites, unsecured networks or even the devices themselves.
“Enterprises that are producing apps for employee, partner and consumer use need visibility into the mobile threat landscape – what kind of attacks are being launched, from where, at what time of day, at which types of apps running on what kinds of devices,” said Pam Kostka, CEO of mobile app security analytics company Bluebox. “Armed with this information they can more effectively remediate the attack and reduce risk by improving the security posture of the apps.”
Buckellew says other problems analytics can help root out include uncovering devices infected with malware before they compromise enterprise data, identifying jailbroken or rooted Android devices, and learning when users install blacklisted apps and access restricted website.
So now that you know what the threats are, how do you stop them?
First of all, you must make sure the communication channels are secure. Brian Panicko, SVP of global sales strategy at CellTrust, says the way data is transported plays a key role in protecting it from threats.
“Communication transport will be equally as important for the security analytics in that both the device and connections must utilize government grade encryptions, authentication and support remote-wipe capabilities,” he explains.
IBM has its own enterprise mobility management solution called MobileFirst Protect, which sends information to a security information and event management system called Qradar when a security breach is detected.
“This allows IT and security administrators to get a complete view of their environment, not just what’s on the LAN. This is the critical ‘complete’ view needed for meaningful correlation and analysis,” Buckellew explains. “Having that type of endpoint information, along with traditional network based events is extremely valuable in identifying and reacting to potential threats.”
Bluebox offers a security and analytics framework designed to be embedded in any mobile application that transforms the app into a self-defending app. The framework uses analytics to report on security posture of apps across the mobile portfolio; mobile threat trends; attack fingerprints so companies can better understand targeted attacks; and event and log data and behavior usage, which can be used to guide future security investments.
Perhaps the simplest and most important tool is the one that lets the user know when their data has been compromised.
“As security analytics become mainstream – it has become paramount for the mobile platforms including smartphones, tablets and even now wearables to become the delivery mechanism for security alerts and reports,” Panicko said.
One thing is for certain, security threats will always be around and will continue to evolve. Kostka says, “The future of security analytics is in enabling companies to be pro-active.”
She says making sure companies know how much you value security will be important to the longterm growth of the industry. The more you care, the more companies will focus on security. Kostka advises, “When rating apps or providing comments to the app developer, provide feedback that security matters to you and influences your decision to use a particular product.”