There's been a fair amount of discussion about whether mobile devices need antimalware protection. With my employees...
using their own devices at work, for work, I want to make sure my company is adequately protected. Is the antimalware investment a necessary one? If not, is there a better product to use?
Over the past decade, mobile device management and mobile security have been two extremely difficult issues for enterprises to address. Whether an investment in antimalware is necessary might be the wrong question to ask. There are many different risks presented by mobile devices, and organizations would be wise to perform a threat assessment to better understand which threats are the highest risks for their specific business and therefore a priority to address.
The potential list of attacks against mobile devices for enterprises is very long, but the list of attacks or security incidents that make the news is relatively short. The most common mobile security threat to enterprises is lost or stolen devices. And the truth of the matter is that antimalware will not help if a device is lost or stolen and doesn't have basic mobile device security controls implemented on it, such as a PIN or remote wipe capabilities. If your organization does not require a PIN or hasn't adopted remote wipe yet, I would say these are higher priorities than antimalware.
Implementing a mobile device management (MDM) tool that includes antimalware along with other security controls (e.g., PIN enforcement, remote wipe, encryption or containerization) might be a good enterprise investment. However, before evaluating MDM tools, enterprises should ask a number of questions:
- Do we have an inventory of mobile devices to secure?
- Will the tool be implemented on employee-owned devices?
- Will our employees allow us to install such a tool on their personally owned devices?
If you cannot answer these questions, deciding to implement a mobile device management tool might not actually provide the protection expected.
Ask the Expert!
Perplexed about enterprise security? Send Nick Lewis your questions today! (All questions are anonymous.)
Related Q&A from Nick Lewis
As the Angler exploit kit evolves and adopts new functionality, it's becoming harder to detect and defend against. Enterprise threats expert Nick ...continue reading
A proof-of-concept attack on Apple's Siri allowed researchers to steal data from iOS. Learn more about the iStegSiri attack and how to defend against...continue reading
A new global email scam has cost enterprises millions. Expert Nick Lewis explains how to defend against man-in-the-email attacks with proper training...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.