Use Threat Intelligence to Boost Mobile Security

Uploaded on 2015-07-13 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

GDH89tfyymSwo8ZluyB49A.jpg?

Security professionals are recommending that companies integrate threat intelligence, the real-time sharing of intelligence information about cyber security threats and malicious applications, with mobile device management platforms in order to improve mobile security.

The first step, according to Larry Whiteside, Jr., chief security officer of the Lower Colorado River Authority, is to make sure you’re getting the same level of log information from your enterprise mobility management (EMM)/mobile device management (MDM) provider as you would from your desktop security provider.

Bring threat intelligence feeds into your MDM system so you can use the intelligence about dangerous and malicious apps to upgrade your mobile threat defenses. That’s the recommendation of David Jevans, CEO, Chairman, and CTO of Marble Security, a provider of app security services. Often, you can bring in threat intelligence feeds to your MDM/EMM platform using an API from your MDM or threat intelligence platform provider, he says.
 “Threat intelligence can give an enterprise very quick intel into which apps should not be allowed on your network, and this can be done in a matter of hours inside an enterprise,” Jevans says. The idea is to get the data feed, correlate it with MDM and delete those apps immediately or notify those users.

Of course, things are a bit more complicated in Bring Your Own Device (BYOD) environments, but Jevans still recommends bringing your threat feeds into your MDM. However, he cautioned, that companies need to have management capabilities in place for BYOD in order to know what’s running on users' devices. That typically means deploying an agent to run on user devices that let you know what the device is running, so you can correlate the device to threat intelligence.

It’s important to note that there’s no such thing as mobile specific threat intelligence in the eyes of cyber security experts. Threat intelligence only makes sense when it’s applied across the entire infrastructure. 

Look at threat intelligence as more than just applying individual IP addresses and domains to individual transactions enterprises should look across the entire IT spectrum, including servers, databases and applications to see how mobile interactions are happening and apply threat intelligence to as broad a base as possible.

Threats against mobile devices are part of the larger threat landscape that enterprises face each day. Bringing together MDM/EMM with threat intelligence adds a cyber security over-watch to mobile security ensuring a more expedient response to rising mobile-centric cyber security threats.
Computerworld: http://bit.ly/1GgVUov

 

« Laptop Warriors: A British ‘Cyber Defence League’?
British PM Wants To Ban Encryption »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Site24x7

Site24x7

Site24x7 is an AI-powered observability platform for DevOps and IT operations.

International Association of Professional Security Consultants (IAPSC)

International Association of Professional Security Consultants (IAPSC)

Members of the IAPSC represent a unique group of respected, ethical and competent security consultants.

Electric Imp

Electric Imp

Electric Imp offers an innovative and powerful Internet of Things platform that securely connects devices with advanced cloud computing resources.

Ipsidy

Ipsidy

Our identity platform enables mobile users to more easily authenticate their identity to a mobile phone or portable device of their choosing.

Cortado Mobile Solutions

Cortado Mobile Solutions

Cortado Mobile Solutions creates enterprise mobility and file sharing solutions for companies, teams and freelancers.

Romanian Accreditation Association (RENAR)

Romanian Accreditation Association (RENAR)

RENAR is the national accreditation body for Romania. The directory of members provides details of organisations offering certification services for ISO 27001.

BioConnect

BioConnect

BioConnect provide biometric access control solutions to verify a person’s identity across physical, IOT and digital applications.

Trustelem

Trustelem

Trustelem offers European and global companies a ready-to-use access management service that respects the principles of sovereignty, territoriality and privacy.

SynerLeap

SynerLeap

SynerLeap is ABB's innovation growth hub. Our aim is to help startups accelerate and expand across industries, ranging from industrial automation and robotics to grid technologies and smart cities.

Armenia Startup Academy

Armenia Startup Academy

Armenia Startup Academy is a pre-acceleration program for selected Armenian tech companies and startups in areas including cybersecurity.

Revere Technologies

Revere Technologies

Revere Technologies is a pure-play cyber security solutions and services provider in Sub-Saharan Africa.

CertiProf

CertiProf

CertiProf has been enhancing professional lives since 2015, offering a wide range of IT certifications and agile framework training.

Brightsolid

Brightsolid

Brightsolid are experts in Hybrid Cloud. We design, build and manage secure, scalable cloud environments that meet customers’ business ambitions.

Prescott

Prescott

Prescott acts as your guiding light in the preparation for your CMMC assessment and long after by governing your cybersecurity practice.

Lansafe

Lansafe

Lansafe stands as a leading managed service provider in the UK, seamlessly integrating IT, Telecoms, Security, Electrical and Cyber Security solutions.

Offenso Hackers Academy

Offenso Hackers Academy

At Offenso we focus on cyber security training focused on producing cyber security professionals with a wide range of abilities to counter threats from the internet and cloud to a business.