Use Threat Intelligence to Boost Mobile Security

Uploaded on 2015-07-13 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

GDH89tfyymSwo8ZluyB49A.jpg?

Security professionals are recommending that companies integrate threat intelligence, the real-time sharing of intelligence information about cyber security threats and malicious applications, with mobile device management platforms in order to improve mobile security.

The first step, according to Larry Whiteside, Jr., chief security officer of the Lower Colorado River Authority, is to make sure you’re getting the same level of log information from your enterprise mobility management (EMM)/mobile device management (MDM) provider as you would from your desktop security provider.

Bring threat intelligence feeds into your MDM system so you can use the intelligence about dangerous and malicious apps to upgrade your mobile threat defenses. That’s the recommendation of David Jevans, CEO, Chairman, and CTO of Marble Security, a provider of app security services. Often, you can bring in threat intelligence feeds to your MDM/EMM platform using an API from your MDM or threat intelligence platform provider, he says.
 “Threat intelligence can give an enterprise very quick intel into which apps should not be allowed on your network, and this can be done in a matter of hours inside an enterprise,” Jevans says. The idea is to get the data feed, correlate it with MDM and delete those apps immediately or notify those users.

Of course, things are a bit more complicated in Bring Your Own Device (BYOD) environments, but Jevans still recommends bringing your threat feeds into your MDM. However, he cautioned, that companies need to have management capabilities in place for BYOD in order to know what’s running on users' devices. That typically means deploying an agent to run on user devices that let you know what the device is running, so you can correlate the device to threat intelligence.

It’s important to note that there’s no such thing as mobile specific threat intelligence in the eyes of cyber security experts. Threat intelligence only makes sense when it’s applied across the entire infrastructure. 

Look at threat intelligence as more than just applying individual IP addresses and domains to individual transactions enterprises should look across the entire IT spectrum, including servers, databases and applications to see how mobile interactions are happening and apply threat intelligence to as broad a base as possible.

Threats against mobile devices are part of the larger threat landscape that enterprises face each day. Bringing together MDM/EMM with threat intelligence adds a cyber security over-watch to mobile security ensuring a more expedient response to rising mobile-centric cyber security threats.
Computerworld: http://bit.ly/1GgVUov

 

« Laptop Warriors: A British ‘Cyber Defence League’?
British PM Wants To Ban Encryption »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Hyve

Hyve

Hyve provide a wide range of managed web hosting services including private, hybrid and public VMware cloud hosting.

APWG

APWG

APWG is the international coalition unifying the global response to cybercrime across industry, government, law-enforcement and NGO communities.

Auth0

Auth0

Auth0 is a cloud service that provides a set of unified APIs and tools that instantly enables single sign-on and user management for any application, API or IoT device.

H-11 Digital Forensics

H-11 Digital Forensics

H-11 Digital Forensics is a global leader of digital forensic technology.

Conviso

Conviso

Conviso is a consulting company specialized in Application Security and Security Research.

Wipe-Global

Wipe-Global

Wipe-Global is specialized in data erasure with an international established service partner network.

Findcourses.com

Findcourses.com

Findcourses is a dedicated education search engine designed to make it easy for our learners to search and find exactly what they need from our community of trusted training providers.

MorganFranklin Consulting

MorganFranklin Consulting

MorganFranklin Consulting is a management advisory firm that works with businesses and government to address complex and transformational technology and business objectives including cybersecurity.

Stratus Technologies

Stratus Technologies

Edge Computing solves the inherent challenges of bandwidth, latency, and security at edge locations to enable IIoT devices and data acquisition.

Coviant Software

Coviant Software

Coviant Software delivers secure managed file transfer (MFT) software that integrates smoothly and easily with business processes.

Arctic Group

Arctic Group

Arctic Group is a Swedish service provider focusing on cybersecurity, integration services and deployment of software development tools.

OX Security

OX Security

OX is a DevOps software supply chain security solution. Teams can verify the integrity and security of every artifact using a pipeline bill of materials (PBOM).

Aquia

Aquia

Aquia are on a mission to enable innovation and drive transformative change to solve the world’s most pressing and complex cybersecurity challenges.

Advanced IT

Advanced IT

Reliable managed IT Security & support services that will help you take your business operations to the next level without breaking the bank!

C5 Technology

C5 Technology

C5 Technology specialises in the provision of networking, security, and infrastructure services to enterprises and government agencies.

Cyber Nations

Cyber Nations

Cyber Nations is a global program designed to engage 100,000 African, Caribbean and Canadian learners to be trained in cybersecurity with a path to employment.