Use Threat Intelligence to Boost Mobile Security

GDH89tfyymSwo8ZluyB49A.jpg?

Security professionals are recommending that companies integrate threat intelligence, the real-time sharing of intelligence information about cyber security threats and malicious applications, with mobile device management platforms in order to improve mobile security.

The first step, according to Larry Whiteside, Jr., chief security officer of the Lower Colorado River Authority, is to make sure you’re getting the same level of log information from your enterprise mobility management (EMM)/mobile device management (MDM) provider as you would from your desktop security provider.

Bring threat intelligence feeds into your MDM system so you can use the intelligence about dangerous and malicious apps to upgrade your mobile threat defenses. That’s the recommendation of David Jevans, CEO, Chairman, and CTO of Marble Security, a provider of app security services. Often, you can bring in threat intelligence feeds to your MDM/EMM platform using an API from your MDM or threat intelligence platform provider, he says.
 “Threat intelligence can give an enterprise very quick intel into which apps should not be allowed on your network, and this can be done in a matter of hours inside an enterprise,” Jevans says. The idea is to get the data feed, correlate it with MDM and delete those apps immediately or notify those users.

Of course, things are a bit more complicated in Bring Your Own Device (BYOD) environments, but Jevans still recommends bringing your threat feeds into your MDM. However, he cautioned, that companies need to have management capabilities in place for BYOD in order to know what’s running on users' devices. That typically means deploying an agent to run on user devices that let you know what the device is running, so you can correlate the device to threat intelligence.

It’s important to note that there’s no such thing as mobile specific threat intelligence in the eyes of cyber security experts. Threat intelligence only makes sense when it’s applied across the entire infrastructure. 

Look at threat intelligence as more than just applying individual IP addresses and domains to individual transactions enterprises should look across the entire IT spectrum, including servers, databases and applications to see how mobile interactions are happening and apply threat intelligence to as broad a base as possible.

Threats against mobile devices are part of the larger threat landscape that enterprises face each day. Bringing together MDM/EMM with threat intelligence adds a cyber security over-watch to mobile security ensuring a more expedient response to rising mobile-centric cyber security threats.
Computerworld: http://bit.ly/1GgVUov

 

« Laptop Warriors: A British ‘Cyber Defence League’?
British PM Wants To Ban Encryption »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

A10 Networks

A10 Networks

A10 Networks is a leader in application networking, helping organizations of all sizes to accelerate, optimize and secure their applications.

Applause

Applause

Applause provides real-world software testing for functionality, usability, accessibility, load, localization and security.

Positive Technologies

Positive Technologies

Positive Technologies is a leading global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection.

CyberForce Program - US Department of Energy

CyberForce Program - US Department of Energy

The Department of Energy’s (DOE) CyberForce Program is a workforce development program that seeks to inspire and develop the next generation of cyber defenders for the energy sector.

Miratech

Miratech

Miratech is a global IT services and consulting organization offering a full range of IT infrastructure solutions and services including cyber security.

Pareteum

Pareteum

Pareteum is a leading Global provider of mobile networking software and services. Our mission is to provide a single solution to the problem of fully enabling and securing the Mobile Cloud.

Innovasec

Innovasec

Innovasec provide information security consulting and training services.

Ampliphae

Ampliphae

Ampliphae gives you an easy-to-deploy, sophisticated and affordable cloud-discovery, security and compliance platform.

Liquid Intelligent Technologies

Liquid Intelligent Technologies

Liquid Intelligent Technologies is a leading communications solutions provider across Africa, providing reliable connectivity, hosting, co-location, and digital services including cyber security.

Kiberna

Kiberna

Kiberna are a small but niche company specialising in data driven security to manage your cyber risks.

TotalAV

TotalAV

TotalAV Antivirus is a free-to-use app packed with all the essential features to find and remove malware, keeping you safe.

Protexxa

Protexxa

Protexxa is a B2B SaaS cybersecurity platform that leverages Artificial Intelligence to rapidly identify, evaluate, predict, and resolve cyber issues for employees.

Silence Laboratories

Silence Laboratories

Silence Laboratories is a cybersecurity company that focuses on the fusion of cryptography, sensing, and design to support a seamless authentication experience.

RealmOne

RealmOne

RealmOne addresses the most challenging issues in the realms of defense and cyberspace, adapting to the continuously changing demands of our national security customers.

Faddom

Faddom

Faddom is an agentless tool that visualizes your on-premises and cloud infrastructure, as well as their inter-dependencies.

Gray Tier Technologies (GTT)

Gray Tier Technologies (GTT)

Gray Tier is an advanced security company that focuses on developing technical solutions to the toughest cyber security challenges facing our customers.