... Mobile App Reputation Services THE RADICATI GROUP, INC.
|
|
- Aubrey Cannon
- 8 years ago
- Views:
Transcription
1 . The Radicati Group, Inc Embarcadero Road, Suite 206 Palo Alto, CA Phone Fax THE RADICATI GROUP, INC. Mobile App Reputation Services Understanding the role of App Reputation Services in delivering Enterprise Grade Mobile Security A Whitepaper by The Radicati Group, Inc.
2 Table of Contents Introduction The Growth in Number of Mobile Apps Different Layers of Mobile Security Current Approaches for Dealing with App Security Webroot s Mobile App Reputation Service Conclusions and Recommendations...11 This whitepaper was sponsored by Copyright May 2013, The Radicati Group, Inc. 2
3 INTRODUCTION Smartphones and tablets continue to be heavily adopted by enterprises and consumers alike and have changed the way people live and work. While this leads to greater user freedom and empowerment it also opens the way to more security vulnerabilities than ever before, as mobile devices are increasingly becoming the target of hackers and cybercriminals. Security concerns exist at all levels of the mobile ecosystem, including the mobile device hardware, the operating system layer and the mobile browser capabilities, however, nowhere is the threat of malware or malicious activity more challenging than at the application level. The sheer number of apps from different sources, presents an enormous threat vector for malware and malicious activity, particularly as users are not always fully aware of how apps behave and are therefore lax in how they protect against potential unwanted behavior. Mobile app stores provide access to billions of apps, some of which have been tested to some degree but many of which are only minimally vetted before being accepted for store distribution. The Apple itunes store boasts 775,000 apps as of January 2013, while the Google Play Store had 900,000 apps online as of May While Apple is famous for its strict app vetting approach, Google has taken a more relaxed attitude and allows app developers greater freedom to upload apps to its store. Regardless of the amount of testing that an app store vendor may do, however, the sheer volume of these apps makes it impossible for a single user or organization to be 100% sure of which apps are trustworthy. In addition, app behavior can range widely from mildly annoying, such as issuing excessive pop-ups, to unwanted excessive use of the mobile device s communication capabilities, to outright downloading of malicious viruses or Trojan code. The only way to successfully deal with the onslaught of apps and the potential risks they represent is to rely on a mobile app reputation service. Mobile app reputation services can provide intelligence and granular threat assessments on millions of apps and are an essential aspect of a complete security strategy for Mobile App Developers, Mobile Device Management (MDM) vendors, Mobile App Store vendors, mobile carriers and anyone who needs to deliver application security to their customers. This whitepaper discusses the need for mobile app reputation services, and presents Webroot s App Reputation Service and the unique threat protection capabilities it delivers to partners and Copyright May 2013, The Radicati Group, Inc. 3
4 customers to ensure that their mobile applications are safe and compliant. In addition, Webroot s App Reputation Service provides a wealth of general information about app characteristics which can be used to set granular policies on app delivery and behavior permissions. 1.0 THE GROWTH IN NUMBER OF MOBILE APPS The number of apps available for mobile devices continues to climb sharply. In early 2013, Apple was adding apps to its store at a rate of about 20,000 apps per month, and Android apps were appearing at a similar pace. These apps are made by a variety of publishers. Well-known companies in different verticals, such as media, entertainment, and gaming, all have multiple apps available on multiple mobile OS platforms. The publication process for apps is also relatively easy, enabling sole developers to create an app in their spare time. With such a large number of apps available, it is not surprising that the app stores run by Apple and Google have over 1.5 million applications available for download. As of mid-2013, there have been approximately 100 billion downloads of apps between these two stores at a roughly even split with Apple announcing its 50 billionth app downloaded and Google announcing 48 billion app downloads just one day apart. With the massive growth in these numbers, we expect users to download another 100 billion apps in less than a year from these announcements. 2.0 DIFFERENT LAYERS OF MOBILE SECURITY The dramatic increase in the number of apps available has been fueled by the growing number of mobile devices that are used by consumers and business users. In fact, often these two types of users are fused into one with the Bring Your Own Device (BYOD) trend that has become popular across all verticals. Organizations were at first ambivalent, if not out-right opposed, to the idea of their employees being able to take home corporate data on a device easily misplaced, lost, or stolen. Organizations, however, are not able to stop or slow down this trend. This means that mobile security is more important than ever. Today, we can think of mobile security as comprising three different layers: Copyright May 2013, The Radicati Group, Inc. 4
5 Device layer protects and enforces policies on the physical hardware of mobile devices. Most mobile devices today come with cameras, GPS, Bluetooth, and other sophisticated hardware that can be exploited in certain scenarios. Getting a hold of these device-level features paves the way to enforce security on the operating system and application layers that rely on the device-level features for input. The operating system layer is the driving force of a mobile device, it takes inputs from the user and provides the user with feedback in return. The operating system layer is fundamental to device security as it and can enforce passcodes for device access, remote wipe features, block access to device communication resources, such as GPS or Bluetooth connectivity. However, protection at this layer is not able to recognize unwanted or malicious behavior by individual apps. App layer applications can store sensitive data that employees need to access on a daily basis. The security risk for these apps relates to loss of data. In order to ensure the integrity of the data contained within apps, organizations use additional forms of authentication, encryption, VPN tunneling, and more. In addition, certain apps cannot be trusted, such as games or rogue mobile banking apps, and must be blacklisted based on their threat to worker productivity, data exploitation, and other threats. Table 1, summarizes some of the security threats that may be found at each layer. Layer Device Operating System Applications Mobile Security Threats Threat Examples WiFi connecting to a rogue network; compromised Bluetooth connection; unauthorized camera usage; etc. Devices without a passcode; flaw or exploit in any native; required application (e.g. phone or Web browsing app); etc. Data is left unencrypted when sending over a network; device user is not authenticated when opening an app; etc. Table 1: Common Security Threats at Each Layer of a Mobile Device Copyright May 2013, The Radicati Group, Inc. 5
6 3.0 CURRENT APPROACHES FOR DEALING WITH APP SECURITY The security elements for the device and operating system layers have remained manageable for MDM vendors to keep up with. It is the apps, however, that are difficult to keep up with since they can literally be updated on a daily basis. This makes ensuring security at the application layer a very difficult proposition. Today, app security is normally addressed with some of the following techniques: Mobile device management is seen as the base level of security that utilizes device and operating system controls to keep devices secure. While this type of security keeps an entire device secure, there are minimal features available for applying granular protection to individual apps on the mobile device. App whitelisting/blacklisting addresses the security of applications on a mobile device. Administrators decide which apps to block or allow in a strictly binary fashion. While this does solve the problem of app security, the success of this approach is proportional to the amount of time spent by an administrator to decide which apps to whitelist or blacklist. With a growing number of apps available that users need to install on their mobile device, it will be impossible to maintain a list of every app that is good or bad. In addition, due to their binary nature, whitelist/blacklist approaches tend to easily generate false positives. Containerization also addresses the security aspect of applications, but this is a long and arduous process that should be reserved for custom-built apps or apps that contain very sensitive data. It is not necessary to containerize apps that are seemingly harmless, yet these apps must be addressed with some type of security feature. Containerizing every app would simply be too labor intensive. Table 2, summarizes these approaches to mobile device protection and some of the limitations they present in dealing specifically with app security. Copyright May 2013, The Radicati Group, Inc. 6
7 Approach Mobile Device Management App Whitelisting / Blacklisting Containerization Protecting Mobile Devices Limitations Focused mainly on device-level controls and not at app-borne threats. Binary approach that is too labor-intensive for the millions of apps available. Can easily generate false positives. Only necessary for enterprise apps, not wellsuited for personal or "mass-market" apps. Malicious apps can still infect the device layer even if they are containerized. Table 2: Protecting Mobile Devices In the current mobile environment that organizations face, there are simply too many apps to handle with containerization or blacklisting/whitelisting. Furthermore, a whitelisted app can easily turn malicious with an update. While it is certainly true that some apps, such as enterprisespecific apps, must be containerized or treated with special care, the majority of apps ought to be secured through an automated process that offers granularity about an apps behavior. An app reputation service can provide this service of pre-vetting apps to determine any malicious intent. App reputation services rely on a large number of inputs to automatically evaluate mobile apps, such as mobile malware signatures, mobile Web URLs, and much more. Using a broad range of inputs, an app reputation service can go beyond binary rankings that send apps to blacklists or whitelists. Furthermore, with the large amount of inputs used, an app reputation system can generate reputation scores that result in few, if any, false positives. 4.0 WEBROOT S MOBILE APP REPUTATION SERVICE While the protection of corporate-sanctioned apps is achieved through their own special, intricate methods of containerization, app wrapping, and more, the protection from the millions of noncorporate-sanctioned apps, such as personal or mass-market apps is too restrictive if it is addressed with only whitelists/blacklists, or too liberal if it is entirely unregulated. All too often mobile device users trust apps with any and all of their information simply because it is downloaded from the Google Play store or Apple App Store. IT Admins need to ability to make decisions on criteria beyond whether or not a mobile app is malicious or not. Copyright May 2013, The Radicati Group, Inc. 7
8 The Webroot Mobile App Reputation Service solves this problem by gauging the riskiness of an app from a massive amount of data from various inputs to determine if the app contains any threats or suspicious behavior. The Webroot Mobile App Reputation Service will rank an app according to the following categories: Malicious the app contains some form of malware designed to exploit the mobile operating system or device. Unwanted the app contains unnecessary and intrusive ads, popups, privacy policies, or other forms of invasive behavior. Suspicious the app contains unwanted or malicious components, but its behavior does not trigger any of Webroot s proprietary heuristics. Moderate the app is likely benign, but it may contain dangerous permissions Benign the app does not contain any dangerous permissions. Trustworthy the app has been scored as safe with no malicious behavior. In order to arrive at these rankings, Webroot takes each app through a five step process that closely examines the behavior, intentions, and risk of an app. The technology that powers the Webroot Mobile App Reputation Service is based on Webroot s principal cloud based security intelligence Webroot Intelligence Network (WIN), which collects billions of pieces of information from multiple sources, such as Web, endpoint, and mobile security services. Relying on WIN technology, Webroot s Mobile App Reputation Service is differentiated by its ability to use automated machine learning to collect, analyze and classify millions of mobile applications. The service also has access to a massive database of over 100 terabytes of every piece of malware that the vendor has ever seen and other proprietary threat databases that each app can be referenced against. The Webroot Mobile App Reputation Service also relies on its own proprietary heuristics that scan app behavior in a mobile sand-boxed environment. This behavior assessment is an essential element of the inspection process as apps are capable of deception and acting differently than assumed. Webroot s behavior inspection, however, helps avoid this type of deception. Figure 1, shows how the Webroot Mobile App Reputation Service arrives at a trust level for an app and its ability to deliver this data to its partners. Copyright May 2013, The Radicati Group, Inc. 8
9 Feedback Loop Mobile App Reputation Services Direct downloads from app stores Collection File sharing among other security vendors Data from millions of Webroot SecureAnywhere users Metadata about each app, such as app user ratings Analysis Package inspection of APK, IPA, etc. Runtime analysis to examine behavior Disassembly for source code inspection AI analysis with proprietary heuristics, SVM, and more MD5 hash inspection for malware Metadata inspection, such as developer or popularity Classification & Scoring Partner API Initialized with a clean score of 100 Once analyzed, scored based on riskiness Ranked from Trustworthy to Malicious Available via a RESTful Web service API Apps can be looked up via package name or MD5 App permission requests, runtime captures, source code files, and more can be accessed via the Partner API Figure 1: Webroot Mobile App Reputation Service Process Based on this process, Webroot assigns a reputation score to each application. Webroot has also devised a simple reputation band classification that streamlines the interpretation of the numeric reputation score. The reputation score and band classification are exposed to partners and developers through an efficient RESTful Web service API. The API can be easily integrated by Mobile App Developers, Mobile Device Management (MDM) vendors, Mobile App Store vendors, mobile carriers and anyone who needs to deliver application security. The API can also expose a great deal of additional information about each mobile app, such as: digital certificate information, runtime captures, and permissions requests, and much more. This information can be used to set policies for app management. For instance, a policy could be created around the categories of apps that should or should not be allowed to be installed on devices; such as an administrator could set a policy to block all games, or social networking apps, etc. Data elements exposed through the API include: Copyright May 2013, The Radicati Group, Inc. 9
10 Application reputation Blacklist Whitelist Basic file and package information Digital certificate information Manifest data Permission requests Requested phone features Runtime captures Source code files Top number of malicious applications Most recent files added Google Play information Market prevalence information By using this wealth of information about mobile apps, Mobile App Developers, Mobile Device Management (MDM) vendors, Mobile App Store vendors, mobile carriers and others, can leverage Webroot s Mobile App Reputation Service a general purpose mobile app information delivery mechanism in conjunction to its security intelligence capabilities. Using Webroot s Mobile App Reputation Service ratings, an analysis of 2.62 million Android apps and 670,000 ios apps carried out in mid-2013 yielded the scoring shown in Figure 2 below. Android Application Behavior ios Application Behavior Trustworthy 18% Unwanted 7% Benign 41% Suspicious 0.002% Moderate 3% Trustworthy 7% Suspicious 19% Moderate 5% Malicious 10% Benign 90% Figure 2: App Reputation Rankings, 2013 This snapshot of the app reputation rankings taken from Webroot s own Mobile App Reputation Service is quite alarming: more than 4 out of 10 Android apps contain some form of malware, over-stepping permission, or other cause for worry. Mobile apps on ios represented less of an Copyright May 2013, The Radicati Group, Inc. 10
11 obvious threat, mainly due to Apple s own strict app vetting process, but even these apps while not malicious may present some unwanted characteristics. The Webroot Mobile App Reputation Service lets users of its Partner API block apps with a certain reputation, but the service also allows users to achieve even more granularity by letting administrators couple app rankings with individual app permissions. For example, an organization may want to allow apps ranked as Moderate, but it can still disallow Moderate apps that contain certain permissions, such as access to a contact list. With this amount of granularity, the Webroot Mobile App Reputation Service is capable of creating a mobile security policy that isn t too restrictive or too liberal, but is just right for an organization s given risk appetite. 5.0 CONCLUSIONS AND RECOMMENDATIONS With the onslaught of app-borne malware and threats, app reputation services are the only way to effectively protect mobile devices. Mobile device security approaches at the device, operating system, and application layers are necessary, but these approaches need to be augmented with a powerful app reputation service that can deal effectively with the growing challenge posed by app-borne threats. In selecting a potential mobile app reputation service provider it is important to weigh the vendor s overall expertise in the security field as well as their understanding of the specific peculiarities and challenges posed by the mobile world. In particular, it is essential to select a mobile app reputation service that: a. Has constant updates through a broad base of inputs and feedbacks which refresh its definitions frequently and on an on-going basis. b. Is easy to work with and integrates well with a lot of different app delivery scenarios and packaging options. c. Provides deep granularity of information concerning potential threats and multiple app characteristics allowing an IT administrator to make decisions based on risk profile. d. Is easily adapted to meet different security policy needs and can evolve as customer needs change. e. Exposes a wealth of information about mobile apps which can be used for to set policies, analyze trends and develop different use scenarios. Copyright May 2013, The Radicati Group, Inc. 11
12 Webroot s Mobile App Reputation Service offers a top-of-the-line app reputation service, backed by the vendor s core competency in security. Webroot s mobile app reputation service meets all the key characteristics described above and provides a reliable partner with leading edge technology that can be easily incorporated in solutions from Mobile App Developers, Mobile Device Management (MDM) vendors, Mobile App Store vendors, mobile carriers and anyone who needs to deliver mobile application to their customers. Copyright May 2013, The Radicati Group, Inc. 12
... Mobile App Reputation Services THE RADICATI GROUP, INC.
. The Radicati Group, Inc. 1900 Embarcadero Road, Suite 206 Palo Alto, CA 94303 Phone 650-322-8059 Fax 650-322-8061 http://www.radicati.com THE RADICATI GROUP, INC. Mobile App Reputation Services Understanding
More informationMobile App Reputation
Mobile App Reputation A Webroot Security Intelligence Service Timur Kovalev and Darren Niller April 2013 2012 Webroot Inc. All rights reserved. Contents Rise of the Malicious App Machine... 3 Webroot App
More informationWebroot Security Intelligence for Mobile Suite. Cloud-based security solutions for mobile management providers
Webroot Security Intelligence for Mobile Suite Cloud-based security solutions for mobile management providers TABLE OF CONTENTS INTRODUCTION 3 WEBROOT INTELLIGENCE NETWORK 4 MOBILE SECURITY INTELLIGENCE
More informationSecurity challenges for internet technologies on mobile devices
Security challenges for internet technologies on mobile devices - Geir Olsen [geiro@microsoft.com], Senior Program Manager for Security Windows Mobile, Microsoft Corp. - Anil Dhawan [anild@microsoft.com],
More informationPutting Operators at the Centre of
Putting Operators at the Centre of Enterprise Mobile Security Introduction Small and Medium Enterprises make up the majority of firms and employees in all major economies, yet are largely unidentified
More informationFeature List for Kaspersky Security for Mobile
Feature List for Kaspersky Security for Mobile Contents Overview... 2 Simplified Centralized Deployment... 2 Mobile Anti-Malware... 3 Anti-Theft / Content Security... Error! Bookmark not defined. Compliance
More informationWHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security
WHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security A World of Constant Threat We live in a world on constant threat. Every hour of every day in every country around the globe hackers
More informationMobile Protection. Driving Productivity Without Compromising Protection. Brian Duckering. Mobile Trend Marketing
Driving Productivity Without Compromising Protection Brian Duckering Mobile Trend Marketing Mobile Device Explosion Paves Way for BYOD 39% 69% 340% 2,170% 2010 177M corp PCs 2015 246M corp PCs 2010 173
More informationZscaler Cloud Web Gateway Test
Zscaler Cloud Web Gateway Test A test commissioned by Zscaler, Inc. and performed by AV-TEST GmbH. Date of the report: April15 th, 2016 Executive Summary In March 2016, AV-TEST performed a review of the
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationMAM - Mobile Application Management
Page 1 About 1Mobility 1Mobility has successfully established itself as a global company, offering cloud based, internationalized and scalable Enterprise Mobility Management (EMM) solution that monitors,
More informationHow To Secure Your Mobile Devices
SAP White Paper Enterprise Mobility Protect Your Enterprise by Securing All Entry and Exit Points How Enterprise Mobility Management Addresses Modern-Day Security Challenges Table of Contents 4 Points
More informationSymantec's Secret Sauce for Mobile Threat Protection. Jon Dreyfus, Ellen Linardi, Matthew Yeo
Symantec's Secret Sauce for Mobile Threat Protection Jon Dreyfus, Ellen Linardi, Matthew Yeo 1 Agenda 1 2 3 4 Threat landscape and Mobile Insight overview What s unique about Mobile Insight Mobile Insight
More informationIT Resource Management vs. User Empowerment
Mobile Device Management Buyers Guide IT Resource Management vs. User Empowerment Business leaders and users are embracing mobility and enjoying the flexibility and productivity leading to rising mobile
More informationWhat We Do: Simplify Enterprise Mobility
What We Do: Simplify Enterprise Mobility AirWatch by VMware is the global leader in enterprise-grade mobility solutions across every device, every operating system and every mobile deployment. Our scalable
More informationperspective The battle between MDM and MAM: Where MAM fills the gap? Abstract - Payal Patel, Jagdish Vasishtha (Jags)
perspective The battle between MDM and MAM: Where MAM fills the gap? - Payal Patel, Jagdish Vasishtha (Jags) Abstract MDM Mobile Device Management and MAM Mobile Application Management are main Enterprise
More informationBYOD Guidelines A practical guide for implementing a successful BYOD Management program in an organization of any size.
April 2014 BYOD Guidelines A practical guide for implementing a successful BYOD Management program in an organization of any size. Bring your own device (BYOD) refers to the policy of permitting employees
More informationof firms with remote users say Web-borne attacks impacted company financials.
Introduction As the number of users working from outside of the enterprise perimeter increases, the need for more efficient methods of securing the corporate network grows exponentially. In Part 1 of this
More informationEnabling Seamless & Secure Mobility in BYOD, Corporate-Owned and Hybrid Environments
Enabling Seamless & Secure Mobility in BYOD, Corporate-Owned and Hybrid Environments Efficiently and Cost- Effectively Managing Mobility Risks in the Age of IT Consumerization Table of Contents EXECUTIVE
More informationYes MAM: How Mobile Device Management Plus Mobile Application Management Protects and Addresses BYOD
STRATEGY ANALYTICS INSIGHT October 2012 Yes MAM: How Mobile Device Management Plus Mobile Application Management Protects and Addresses BYOD By Mark Levitt, Analyst/Director at Strategy Analytics BYOD
More information4 Steps to Effective Mobile Application Security
Mobile Application Security Whitepaper 4 Steps to Effective Mobile Application Security Table of Contents Executive Summary 3 Mobile Security Risks in Enterprise Environments 4 The Shortcomings of Traditional
More informationTechnoLabs Software Services Pvt Ltd. Enterprise Mobility - Mobile Device Security
Enterprise Mobility - Mobile Device Security Story Context: TechnoLabs has been focusing and offers Enterprise Mobility as one of its solution offering. No can deny the fact that mobile computing can bring
More informationThe Benefits of SSL Content Inspection ABSTRACT
The Benefits of SSL Content Inspection ABSTRACT SSL encryption is the de-facto encryption technology for delivering secure Web browsing and the benefits it provides is driving the levels of SSL traffic
More informationKaspersky Security for Mobile
Kaspersky Security for Mobile See. Control. Protect. MOVING TARGETS Mobile devices play a key role in connectivity and productivity. But they also introduce new risks to the business: in the past 12 months
More informationA Guide to MAM and Planning for BYOD Security in the Enterprise
A Guide to MAM and Planning for BYOD Bring your own device (BYOD) can pose a couple different challenges, not only the issue of dealing with security threats, but also how to handle mobile applications.
More informationThe Truth About Enterprise Mobile Security Products
The Truth About Enterprise Mobile Security Products Presented by Jack Madden at TechTarget Information Security Decisions 2013 Welcome to my enterprise mobile security product session! Instead of printing
More informationSecurity and Privacy Considerations for BYOD
Security and Privacy Considerations for BYOD Carol Woodbury, President SkyView Partners, Inc 1 Introduction The world of BYOD (Bring Your Own Device) is rapidly expanding. You may not think it s happening
More informationPULSE SECURE FOR GOOGLE ANDROID
DATASHEET PULSE SECURE FOR GOOGLE ANDROID Product Overview In addition to enabling network and resource access for corporate managed mobile devices, many enterprises are implementing a Bring Your Own Device
More informationSecure Your Mobile Workplace
Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in
More informationMobile Security: Controlling Growing Threats with Mobile Device Management
Mobile Security: Controlling Growing Threats with Mobile Device Management As the use of mobile devices continues to grow, so do mobile security threats. Most people use their mobile devices for both work
More informationMOBILE SECURITY: DON T FENCE ME IN
MOBILE SECURITY: DON T FENCE ME IN Apart from the known and the unknown, what else is there? 18 Harold Pinter, Nobel Prize-winning playwright, screenwriter, director, actor 32 INTRODUCTION AND METHODOLOGY
More informationSecurity Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
More informationEndpoint Security and the Case For Automated Sandboxing
WHITE PAPER Endpoint Security and the Case For Automated Sandboxing https://enterprise.comodo.com A World of Constant Threat We live in a world of constant threat. Hackers around the globe work every hour
More informationMobile App Containers: Product Or Feature?
ANALYST BRIEF Mobile App Containers: Product Or Feature? APPLE AND SAMSUNG HAVE TAKEN BIG STEPS WITH CONTAINERIZATION Author Andrew Braunberg Overview Secure workspaces, or containers, used for isolating
More informationSymantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management
Mobile Application Management and Protection Data Sheet: Mobile Security and Management Overview provides integrated mobile application and device management capabilities for enterprise IT to ensure data
More informationFinding Hidden Gems in the App Ecosystem
Whitepaper Finding Hidden Gems in the App Ecosystem How appbackr and Appthority Sort Through Millions of Apps to Deliver a Curated List of the World s Best Apps August 2013 Introduction The mobile app
More informationThis session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.
The hidden risks of mobile applications This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit. To learn more about TraceSecurity visit www.tracesecurity.com
More informationApp Reputation Report February 2013 The Authority in App Security
App Reputation Report February 2013 The Authority in App Security Introduction The Appthority App Report for February 2013 provides an overview of the security risks behind 100 free ios and Android apps.
More informationSecuring Office 365 with MobileIron
Securing Office 365 with MobileIron Introduction Office 365 is Microsoft s cloud-based productivity suite. It includes online versions of Microsoft s most popular solutions, like Exchange and SharePoint,
More informationForeScout MDM Enterprise
Highlights Features Automated real-time detection of mobile Seamless enrollment & installation of MDM agents on unmanaged Policy-based blocking of unauthorized Identify corporate vs. personal Identify
More informationMobile First Government
Mobile First Government An analysis of NIST and DISA requirements for the adoption of commercially available mobility platforms by government agencies August 2013 415 East Middlefield Road Mountain View,
More informationThe ForeScout Difference
The ForeScout Difference Mobile Device Management (MDM) can help IT security managers secure mobile and the sensitive corporate data that is frequently stored on such. However, ForeScout delivers a complete
More informationMarble & MobileIron Mobile App Risk Mitigation
Marble & MobileIron Mobile App Risk Mitigation SOLUTION GUIDE Enterprise users routinely expose their employers data and threaten network security by unknowingly installing malicious mobile apps onto their
More informationMobile Application Security Sharing Session May 2013
Mobile Application Security Sharing Session Agenda Introduction of speakers Mobile Application Security Trends and Challenges 5 Key Focus Areas for an mobile application assessment 2 Introduction of speakers
More informationProtecting Android Mobile Devices from Known Threats
Protecting Android Mobile Devices from Known Threats Android OS A Popular Target for Hacks White Paper Zero Trust Mobile Security An Introduction to the BETTER Mobile Security Platform BETTER at work.
More informationMECS: Mobile Enterprise Compliance and Security Server
MECS: Mobile Enterprise Compliance and Security Server Mobile Active Defense locks down, secures and puts your iphones, ipads, Androids, other smartphones and tablets into regulatory compliance. By employing
More informationKony Mobile Application Management (MAM)
Kony Mobile Application Management (MAM) Kony s Secure Mobile Application Management Feature Brief Contents What is Mobile Application Management? 3 Kony Mobile Application Management Solution Overview
More informationHow To Protect Your Mobile Device From Attack
Manage and Secure the Mobile Data, Not Just the Device Stijn Paumen VP Business Development, Wandera The Great Platform Shift 60,000,000 iphone BlackBerry 50,000,000 40,000,000 30,000,000 20,000,000 10,000,000
More informationFive Best Practices for Secure Enterprise Content Mobility
A N A C C E L L I O N W H I T E P A P E R Five Best Practices for Secure Enterprise Content Mobility Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite 200 www.accellion.com
More informationBig Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data
Big Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data Patrick Gardner VP Engineering Sourabh Satish Distinguished Engineer Symantec Vision 2014 - Big Data
More informationMobile Operating System Wars Android vs. ios
1 P a g e Mobile Operating System Wars Android vs. ios Authors Bogdan BOTEZATU Senior E-Threat Analyst Vlad BORDIANU Malware Researcher, Clueful Tiberiu AXINTE - Malware Researcher, Clueful 2 P a g e Table
More informationWildFire. Preparing for Modern Network Attacks
WildFire WildFire automatically protects your networks from new and customized malware across a wide range of applications, including malware hidden within SSL-encrypted traffic. WildFire easily extends
More informationSECURING TODAY S MOBILE WORKFORCE
WHITE PAPER SECURING TODAY S MOBILE WORKFORCE Connect, Secure, and Manage Mobile Devices and Users with Junos Pulse and the Junos Pulse Mobile Security Suite Copyright 2011, Juniper Networks, Inc. Table
More informationWebroot Security Intelligence. The World s Most Powerful Real-Time Network Security Services
Webroot Security Intelligence The World s Most Powerful Real-Time Network Security Services Table of Contents The World s Most Powerful Real-Time Network Security Services Table of Contents 2 Introduction
More informationHow we keep harmful apps out of Google Play and keep your Android device safe
How we keep harmful apps out of Google Play and keep your Android device safe February 2016 Bad apps create bad experiences, so we work hard to keep them off your device and out of Google Play. In 2015,
More informationTotal Enterprise Mobility
Total Enterprise Mobility Presented by Wlodek Dymaczewski, IBM Wlodek Dymaczewski dymaczewski@pl.ibm.com www.maas360.com Top Enterprise Mobility Initiatives Embrace Bring Your Own Device (BYOD) Migrate
More informationDefending Behind The Device Mobile Application Risks
Defending Behind The Device Mobile Application Risks Tyler Shields Product Manager and Strategist Veracode, Inc Session ID: MBS-301 Session Classification: Advanced Agenda The What The Problem Mobile Ecosystem
More informationENTERPRISE MOBILITY USE CASES AND SOLUTIONS
ENTERPRISE MOBILITY USE CASES AND SOLUTIONS ENTERPRISE MOBILITY USE CASES AND SOLUTIONS Mobility is no longer a trend it s how business gets done. With employees using multiple mobile devices and the availability
More informationUtilizing Pervasive Application Monitoring and File Origin Tracking in IT Security
4 0 0 T o t t e n P o n d R o a d W a l t h a m, M A 0 2 4 5 1 7 8 1. 8 1 0. 4 3 2 0 w w w. v i e w f i n i t y. c o m Utilizing Pervasive Application Monitoring and File Origin Tracking in IT Security
More informationManaging Web Security in an Increasingly Challenging Threat Landscape
Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.
More informationCodeproof Mobile Security & SaaS MDM Platform
Codeproof Mobile Security & SaaS MDM Platform info@codeproof.com https://codeproof.com Mobile devices have been transformed into multi-faceted, multi-tasking, multimedia tools for personal expression,
More informationOWA vs. MDM. Once important area to consider is the impact on security and compliance policies by users bringing their own devices (BYOD) to work.
OWA vs. MDM Introduction SmartPhones and tablet devices are becoming a common fixture in the corporate environment. As feature phones are replaced with new devices such as iphone s, ipad s, and Android
More informationCHOOSING AN MDM PLATFORM
CHOOSING AN MDM PLATFORM Where to Start the Conversation Whitepaper 2 Choosing an MDM Platform: Where to Start the Conversation There are dozens of MDM options on the market, each claiming to do more than
More informationAdministrator's Guide
Administrator's Guide Copyright SecureAnywhere Mobile Protection Administrator's Guide November, 2012 2012 Webroot Software, Inc. All rights reserved. Webroot is a registered trademark and SecureAnywhere
More informationEmbracing BYOD. Without Compromising Security or Compliance. Sheldon Hebert SVP Enterprise Accounts, Fixmo. Sheldon.Hebert@fixmo.
Embracing BYOD Without Compromising Security or Compliance The Mobile Risk Management Company Sheldon Hebert SVP Enterprise Accounts, Fixmo Sheldon.Hebert@fixmo.com New Realities of Enterprise Mobility
More informationplatforms Android BlackBerry OS ios Windows Phone NOTE: apps But not all apps are safe! malware essential
Best Practices for Smartphone Apps A smartphone is basically a computer that you can carry in the palm of your hand. Like computers, smartphones have operating systems that are often called platforms.
More informationGuideline on Safe BYOD Management
CMSGu2014-01 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Safe BYOD Management National Computer Board Mauritius Version
More informationAirWatch Enterprise Mobility Management. AirWatch Enterprise Mobility Management
Device Vendor Comparisons Deployment options ( + / -) Vendor for On premises Cloud/SaaS and other platforms supported (+ / -) Vendor for ios Android Extended Android APIs Knox, Safe Safe BlackBerry Windows
More informationTALLAN INC. MDM STRATEGY GUIDE 4/10/2014 WE BUILD SOFTWARE THAT HELPS OUR CLIENTS GROW DOCUMENT CREATED BY: Matt Kruczek Mobile Practice Lead
TALLAN INC. MDM STRATEGY GUIDE 4/10/2014 DOCUMENT CREATED BY: Matt Kruczek Mobile Practice Lead Brian Sampson Mobile Practice Lead Adam Worobec Senior Director WE BUILD SOFTWARE THAT HELPS OUR CLIENTS
More information8 Ways to Better Monitor Network Security Threats in the Age of BYOD January 2014
8 Ways to Better Monitor Network Security Threats in the Age of BYOD January 2014 8 Ways to Better Monitor Network Security Threats in the Age of BYOD 2 Unless you operate out of a cave, chances are your
More informationAndroid for Work powered by SOTI
Android for Work powered by SOTI Work The Way You Live Secure Enterprise Mobility Management Android for Work powered by SOTI transforms workplace mobility with enhanced security, consistent management
More informationNext-Generation Firewalls: Critical to SMB Network Security
Next-Generation Firewalls: Critical to SMB Network Security Next-Generation Firewalls provide dramatic improvements in protection versus traditional firewalls, particularly in dealing with today s more
More informationHow To Manage A Corporate Device Ownership (Byod) On A Corporate Network (For Employees) On An Iphone Or Ipad Or Ipa (For Non-Usenet) On Your Personal Device
Empowering BYOD and Mobile Security in the Enterprise Jeff Baum, APAC Managing Director Growth of Mobile Mobile worker population will reach 1.3 Billion in 2015 Source: IDC Worldwide Mobile Worker Population
More informationIBM Endpoint Manager for Mobile Devices
IBM Endpoint Manager for Mobile Devices A unified platform for managing mobile devices together with your traditional endpoints Highlights Address business and technology issues of security, complexity
More informationBYPASSING THE ios GATEKEEPER
BYPASSING THE ios GATEKEEPER AVI BASHAN Technology Leader Check Point Software Technologies, Ltd. OHAD BOBROV Director, Mobile Threat Prevention Check Point Software Technologies, Ltd. EXECUTIVE SUMMARY
More informationMDM and beyond: Rethinking mobile security in a BYOD world
MDM and beyond: Rethinking mobile security in a BYOD world 2013 Citrix and TechTarget Table of Contents Summary.... 3 Introduction... 3 Current business challenges with BYOD... 4 Securing mobile devices
More informationEnabling Secure BYOD How Fortinet Provides a Secure Environment for BYOD
Enabling Secure BYOD How Fortinet Provides a Secure Environment for BYOD FORTINET Enabling Secure BYOD PAGE 2 Executive Summary Bring Your Own Device (BYOD) is another battle in the war between security
More informationMobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to Health Information Risks vary based on the mobile device and its use. Some risks include:
More information"Secure insight, anytime, anywhere."
"Secure insight, anytime, anywhere." THE MOBILE PARADIGM Mobile technology is revolutionizing the way information is accessed, distributed and consumed. This 5th way of computing will dwarf all others
More informationMOBILE SECURITY. Fixing the Disconnect Between Employer and Employee for BYOD (Bring Your Own Device)
MOBILE SECURITY Fixing the Disconnect Between Employer and Employee for BYOD (Bring Your Own Device) JULY 2014 INTRODUCTION BYOD SECURITY 2014 It s no surprise that there are many articles and papers on
More informationDeploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite
WHITE PAPER Mobile Device Security in the Enterprise Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite Copyright 2010, Juniper Networks, Inc. Table of Contents
More informationMobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to to Health Mobile Information Devices: Risks to Health Information Risks vary based on the
More information{ipad Security} for K-12. Understanding & Mitigating Risk. plantemoran.com
{ipad Security} plantemoran.com for K-12 Understanding & Mitigating Risk Plante Moran The ipad is in K-12. Since its debut in April 2010, the ipad has quickly become the most popular tablet, outselling
More informationAdvanced Online Threat Protection: Defending. Malware and Fraud. Andrew Bagnato Senior Systems Engineer
Advanced Online Threat Protection: Defending Your Online Banking Customers Against Modern Malware and Fraud Andrew Bagnato Senior Systems Engineer Agenda Modern malware a targets Account credentials Financial
More informationChoosing an MDM Platform
Whitepaper Choosing an MDM Platform Where to Start the Conversation 2 Choosing an MDM Platform: Where to Start the Conversation There are dozens of MDM options on the market, each claiming to do more than
More informationData Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices.
Data Loss Prevention Whitepaper When Mobile Device Management Isn t Enough Your Device Here. Good supports hundreds of devices. Contents Shifting Security Landscapes 3 Security Challenges to Enterprise
More informationThe dramatic growth in mobile device malware. continues to escalate at an ever-accelerating. pace. These threats continue to become more
The dramatic growth in mobile device malware continues to escalate at an ever-accelerating pace. These threats continue to become more sophisticated while the barrier to entry remains low. As specific
More informationWhite Paper. Data Security. The Top Threat Facing Enterprises Today
White Paper Data Security The Top Threat Facing Enterprises Today CONTENTS Introduction Vulnerabilities of Mobile Devices Alarming State of Mobile Insecurity Security Best Practices What if a Device is
More informationSymantec Endpoint Protection 12.1.6
Data Sheet: Endpoint Security Overview Last year, we saw 317 million new malware variants, while targeted attacks and zero-day threats were at an all-time high 1. The threat environment is evolving quickly
More informationAnalysis of advanced issues in mobile security in android operating system
Available online atwww.scholarsresearchlibrary.com Archives of Applied Science Research, 2015, 7 (2):34-38 (http://scholarsresearchlibrary.com/archive.html) ISSN 0975-508X CODEN (USA) AASRC9 Analysis of
More informationDUBEX CUSTOMER MEETING
DUBEX CUSTOMER MEETING JOHN YUN Director, Product Marketing Feb 4, 2014 1 AGENDA WebPulse Blue Coat Cloud Service Overview Mobile Device Security 2 WEBPULSE 3 GLOBAL THREAT PROTECTION NEGATIVE DAY DEFENSE
More informationCisco AppHQ Enterprise Application Center: Deploy Mobile Business Apps with Confidence
White Paper Cisco AppHQ Enterprise Application Center: Deploy Mobile Business Apps with Confidence The Enterprise Exposed The post-pc era is here, thanks to next-generation mobile devices and applications.
More informationSymantec Mobile Management Suite
Symantec Mobile Management Suite One Solution For All Enterprise Mobility Needs Data Sheet: Mobile Security and Management Introduction Most enterprises have multiple mobile initiatives spread across the
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationHands on, field experiences with BYOD. BYOD Seminar
Hands on, field experiences with BYOD. BYOD Seminar Brussel, 25 september 2012 Agenda Challenges RIsks Strategy Before We Begin Thom Schiltmans Deloitte Risk Services Security & Privacy Amstelveen tschiltmans@deloitte.nl
More informationMcAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software
McAfee Global Threat Intelligence File Reputation Service Best Practices Guide for McAfee VirusScan Enterprise Software Table of Contents McAfee Global Threat Intelligence File Reputation Service McAfee
More informationMaaSter Microsoft Ecosystem Management with MaaS360. Chuck Brown Jimmy Tsang www.maas360.com
MaaSter Microsoft Ecosystem Management with MaaS360 Chuck Brown Jimmy Tsang www.maas360.com Introductions Chuck Brown Product Management IBM MaaS360 Jimmy Tsang Director of Product Marketing IBM MaaS360
More informationAragon Research RESEARCH NOTE. Workplace Service. Mobile Security in a BYOD World
Aragon Research Author: Mike Anderson Mobile Security in a BYOD World Summary: Employee-owned devices at work put significant strain on security and manageability. Government agencies need policy and mobile
More information