Summary Bullets:
- Not all enterprise mobility management solutions provide a full set of security controls that also include anti-malware programs.
- Enterprises looking to secure employee and corporate-owned smartphones and tablets should mandate the use of strong anti-malware programs as part of their in-depth defense strategy.
Unless you’re using an enterprise mobility management (EMM) solution from an anti-malware provider such as Symantec, McAfee or Sophos, your smartphones – corporate or employee-owned – aren’t completely defended against the latest threats designed specifically for smartphones. Many EMM vendors focus their security efforts on controls such as authentication, certificate-based access control, separating out personal from corporate data in containers, remote/selective wipe and securing devices and/or apps using VPNs. But, with the exponential rise of malware focused especially on Android smartphones and tablets, is that really enough? New findings from security researchers at Palo Alto Networks and others suggest it isn’t. Palo Alto Networks’ Unit 42 researchers recently discovered a backdoor placed deliberately by Chinese manufacturer Coolpad, one of the largest China-based smartphone manufacturers. The company estimates that 24 Android models produced by Coolpad, and potentially 10 million devices, have the backdoor, nicknamed ‘CoolReaper,’ installed. The company’s researchers also believe that Coolpad modified the Android OS running in those devices so that it’s harder for anti-virus programs installed on the devices to detect the backdoor.
Even though Android has earned the dubious distinction of having the lion’s share of all mobile malware, iOS is not without its threats. A recent threat advisory from Akamai Technologies’ Prolexic Security Engineering and Research Team warns of a new mobile remote access Trojan (mRAT) that targets both Android and jail-broken iOS devices. Dubbed the ‘Xsser’ mRAT, the attack utilizes man-in-the-middle and phishing techniques that use social engineering to trick users into downloading apps containing the exploit from fake Google and Apple app stores to spread itself. Once downloaded, it can steal user credentials, launch distributed denial of service attacks and spy on end users. Of course, running any one of the better mobile anti-malware programs is no guarantee an end user’s device won’t get hacked, but the improved level of protection they offer is great insurance against such an event, and many of those programs are free. Enterprise IT pros creating BYOD and COPE policies should mandate the use of strong anti-malware programs in addition to other security controls on mobile devices used in the workplace. Defense in depth on mobile devices should be a rule, not an exception.
IT Connection 