I've been hearing more and more about malware posing as legitimate security programs on mobile devices. Are there any ways to detect these malicious programs, either through the network or on the devices themselves? How can I help employees detect such programs in a BYOD environment?
Fake antimalware programs have been successfully posing as real apps in attacks against Windows PCs for years. Now attackers are starting to employ the same social-engineering techniques in malware attacks against mobile devices; successful attack techniques are incorporated into attack toolkits just as new features are added to traditional software.
Enterprises can help employees in a bring your own device environment to prevent and detect malicious apps primarily though security awareness. First, be sure to tell employees to only use approved app stores that require signed applications. Employees should also check the reputation of the app in the app store and review its positive or negative reviews.
Standard enterprise security tools can also be used. For example, VPN systems can run a host security scan to detect malware or insecure configurations, and network monitoring tools could notify employees if their device is detected as infected. Employers should also put in their mobile security policy that end users must install a mobile security application or use an enterprise mobile device management system; these could detect and remove malware.
To mitigate the risk of SandroRAT, enterprises could strip Android application files from email as there are few legitimate reasons to install Android applications from emails. Additionally, instructing users to only install apps from trusted app stores will help prevent malicioius applications from getting installed by clicking a link in an email or SMS message to download what may or may not be a "real" app.
Ask the Expert!
SearchSecurity expert Nick Lewis is ready to answer your enterprise threat questions -- submit them now! (All questions are anonymous.)
Dig Deeper on Mobile security threats and prevention
Related Q&A from Nick Lewis
Enterprises new to the cloud can write new security policies from scratch, but others with broad cloud usage may need an update. Consider these ... Continue Reading
Cloud security providers need to play catch-up with the evolving advancements in cloud technology. Find out what the top CSPs offer today and which ... Continue Reading
Cloud security certifications serve to bolster security professionals' resumes and boost value to employers. Learn about the top certifications ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.