Mobile Threat Blog

  • Mobile
    Security Insights
  • Mobile
    Threat Research
  • Mobile
    Security Tips

If you think your EMM alone provides sufficient security to tackle the mobile threats your enterprise faces every day, think again.  We’re busting this myth by showing you how your EMM is great at taking action to manage your mobility, but requires security intelligence, analysis, and prioritization to actively secure your enterprise from mobile threats.

EMMs: Management vs. Security

Enterprise Mobility Management systems have their roots in Mobile Device Management – systems created to enable IT access and control for deploying and managing employee mobile devices.  They emerged back when Blackberry was king and devices were corporate owned. When smartphones and app stores burst onto the scene, ushering in BYOD, these systems evolved to provide control and management over specific mobile applications (MAM) for businesses.  

As the industry has realized that mobile devices are also computers/endpoints that need to be properly secured, EMM functionality has grown to include legacy MDM and MAM capabilities tied to a secure container intended to keep enterprise data secure. Even so, the reality is that EMMs are not security solutions, but management solutions and they’re not enough to properly protect a mobile fleet.

An EMM alone won’t protect your organization from malware, data exfiltration, mobile device or app vulnerability, network threats, or scores of other emerging attacks.

The Brawn vs. the Brain

Think of EMMs as “the brawn.” They act as a foundational layer for mobile security, leveraging special mobile OS permissions that enable them to enforce policies. However, an EMM alone does not protect your organization from malware, data exfiltration, mobile device or app vulnerability, network threats, or scores of other emerging attack vectors because EMMs lack the visibility and detection capabilities to monitor for these threats.

Instead, EMM solutions need “the brain,” which they get from Mobile Threat Defense solutions, to eliminate their mobile security blind spots and know which remediation actions to take to regain compliance with corporate and regulatory policies, like GDPR. This is achieved through API-based integrations between EMMs and MTD solutions.  

Capabilities analysis: EMMs vs. MTDs

Mobile Threat Defense solutions provide three vectors of security – protecting against device, network, and app threats. EMMs provide some basic security, but only for only one of the three vectors: device security. For devices, EMMs can ensure users have a minimum version of an OS and a passcode on the device, and can do basic checks against Root and Jailbreak modifications.

EMMs only provide basic security for one of the three mobile threat vectors

By contrast, MTD solutions take device security a step further, performing advanced Root and Jailbreak detection, looking not just at which OS version is installed, but knowing if there are critical vulnerabilities in older OS versions, looking for changes in the device configuration, and  monitoring for device behavior anomalies.

For the remaining two security vectors, network and applications, EMMs have zero visibility.

Network security is increasingly important in mobile, as devices connect to unsecured public Wi-Fi connections, which could expose users to Man-in-The-Middle (MiTM) attacks. Users can also be tricked into accessing malicious URLs and phishing websites.

Application security is the biggest, most dynamic and most risky mobile threat vector.  87% of today’s mobile use is spent in apps (as opposed to mobile browsers or mobile email). Apps are also where employees are accessing, editing, and sharing their sensitive enterprise data, connecting to public and private clouds, and giving or managing permissions to device sensors and data. There are many apps on each device each exchanging data frequently.

Another thing to note, app threats go way beyond malware. Whether in the developer’s code, the SDKs and libraries they rely on, or in the back-end servers and data stores they leverage to store the data they collect, app vulnerabilities are the number one driver of enterprise mobile data exfiltration risk. While EMMs can tell you which apps are installed on the devices in your environment, and give you the power to whitelist or blacklist applications, EMMs have no visibility into whether or not these apps expose your users, and your company’s data, to risk.

While EMMs provide basic information on mobile devices and apps that may be relevant to security, MTD solutions dive deep to detect and protect against mobile threats across devices, apps, and networks.  Both are needed for full protection. Here’s a comparison to show you how these solutions support a strong security profile.

Best practice for shoring up EMM security gaps

As Gartner recently stated, “It’s time to add MTD to your Enterprise Mobile Management toolkit. Because it’s better to get ahead of mobile threats than it is to try and clean them up after you’ve been attacked.”

If you are currently relying on an EMM to protect your mobile fleet, you’ve taken the first step towards enabling comprehensive mobile security for your enterprise. But, as we’ve pointed out, your EMM alone is not adequate to provide enterprise mobile security. This was also highlighted in a May 2017 report by the Department of Homeland Security.  And further, it is even clear to the EMM providers who have all partnered with MTD vendors to deliver integrated,  joint solutions for identifying, prioritizing, and remediating mobile threats.

Until your EMM can detect mobile threats with the help of a Mobile Threat Defense solution, the security of your enterprise data and employee privacy are at risk.  As a best practice we recommend a layered approach to mobile security that includes the implementation of both an EMM and an MTD solution to get the protection you need.

So – do you still think that your EMM is providing you with sufficient mobile security?  For sure, EMMs are the necessary first step in securing your enterprise data from mobile threats, but aren’t even close to providing a full solution.  For that, you’ll need to add Mobile Threat Defense.

Watch and share the video on this mythbuster: