Mobile Threat Defense

What is Mobile Threat Defense (MTD)?
Mobile Threat Defense or MTD is a threat identification and prevention solution that secures mobile endpoints from all kinds of cybersecurity threats. Typically, mobile threat defense solutions protect endpoints at various levels (including device, application, network, and storage levels) and prevent devices and data from being compromised.
According to Gartner, “Businesses must integrate MTD with incumbent unified endpoint management (UEM) tools. They should favor the app-based option and leave proxy-based deployment for corporate-owned business-only (COBO) scenarios.”
Why MTD Matters
Threat Vectors that MTD Solutions Cover

Malware
Malware is malicious software that is intentionally designed by hackers for illegal activities such as eavesdropping or collecting passwords. Cybercriminals use mobile malware to lock devices and demand payment to return the data to users or unlock the device. Mobile threat defense solutions scan endpoints to monitor irregular patterns in user behavior, and then proactively block access upon detecting irregular behavior.

Malicious Apps
Malicious apps are fake, unknown or dead apps that are repackaged and laced with malicious code. Users who install applications from third-party app stores may accidentally download malicious apps. An MTD solution protects enterprise data by scanning and analyzing installed apps.

Phishing
Threat actors send phishing links to targeted recipients through emails. Hackers trick recipients into clicking these links, which, in turn, results in compromised passwords, identity theft and data leakage. A mobile threat defense solution employs filters to compare links against an exhaustive list of malicious phishing URLs, notifying users if it finds a match.

System Vulnerabilities
Unpatched OSes or rooted endpoints may become great liabilities within a perimeter-less workplace. Vulnerable endpoints may allow attackers to unleash malware and steal business data. MTD features monitor various system parameters to identify vulnerabilities on devices.

Man-in-the-Middle Attacks
Unsecured networks are an open invitation to hackers. A man-in-the-middle attack is a type of cyberattack where threat actors steal information by eavesdropping on a conversation between two parties through a compromised channel/network. A mobile threat defense solution scans wireless networks for malicious behavior and thereby prevents any man-in-the-middle attack.
Why Do Organizations Need a Mobile Threat Defense Solution?
Today, businesses enable their employees to access business-critical data from anywhere and at any time, which jeopardizes security and makes businesses vulnerable to a broad range of threats. This makes it imperative for organizations to protect their endpoints and business data from cyberthreats at various levels. Deploying a mobile threat defense solution can help organizations strengthen mobile security by preventing, detecting, and remediating sophisticated cyberattacks using evolved techniques. When integrated with an MDM platform, these solutions ensure integrated security management and policy enforcement.
42Gears Mobile Threat Defense Feature Set

Schedule Scans
Proactively monitor the security of business-critical applications by running continuous scans, even when the devices are offline. Choose from various scan modes ranging from basic to full device scans.

Phishing and Fake Apps
Filter links across multiple web categories against a wide range of malicious phishing URLs. Check the authenticity of apps and detect fake apps by monitoring for suspicious app behavior.

Anti-virus Protection
Scan endpoints to detect suspicious objects, riskware, and adware, and add the directories that have to be monitored.

Application Monitor
Analyze installed apps, detect riskware and adware, and scan the side-loaded apps.

Secure Connectivity
Monitor Wi-Fi connection and detect network vulnerabilities such as man-in-the-middle attacks, malicious hotspots and unsecured Wi-Fi.

Anti-Spam
Detect threats hidden in contacts. IT admins can either blocklist contacts or allowlist contacts.

Schedule Scans
Scan archived documents, emails, network files, and drives at regular intervals.

Scan Mobile Applications
Monitor and regulate app behavior and access to device settings in real-time, and scan app files.

Exclude Scans
Define extensions, paths, and processes that have to be excluded from scans.

Signature Updates
Check the interval, sources, and fallback for antivirus signature updates.

Exploit Guard
Provide intrusion protection for users on Windows devices.
MTD Dashboard
The Mobile Threat Defense Solution Dashboard provides multiple metrics to determine an organization’s endpoint security posture.

Threats Found in OS
Check the number of threats that were encountered on various endpoints along with the OS name.

Active Number of Threats
Monitor the number of threats that are active and have not been quarantined or deleted.

Overall Scan Result
Quickly check the number of devices that are at risk.

Device Risk Over Time
Check the level of risk over a period of time.

Affected Packages
Check the list of packages which are present on the device and are affected.

Threat Distributions
Check the level of severity and the date when those threats were encountered.
How SureMDM's Native Mobile Threat Defense Features Work
SureMDM's native mobile threat defense features work at three different levels:

Application
SureMDM’s mobile threat defense feature identifies malicious apps that might jeopardize enterprise data through application sandboxing and code analysis. To do this, SureMDM uses techniques such as anti-malware filtering, code simulation, application reverse engineering, and static and dynamic app security testing. In addition to safeguarding devices against both known and unknown malware, SureMDM MTD also provides protection against dynamic threats.

Network
SureMDM’s mobile threat detection capabilities are built to check if devices are connected to secure or open/public networks, and then to flag suspicious connections as needed. As such, it provides protection against network attacks.

Device
Security flaws may arise due to vulnerabilities in operating systems, behavioral anomalies in devices, or both. SureMDM’s native mobile threat defense feature tackles such issues by tracking usage patterns (acceptable or abnormal) and inspecting device configurations for weaknesses that might compromise security. It monitors OS and security update versions, system parameters, device configurations, firmware, and system libraries to identify device vulnerabilities and malicious activity. SureMDM MTD also checks for modification of system libraries, configuration, and jailbreak or rooting. Its mobile threat detection capabilities can also track files stored on the device memory and identify any malicious files.

Different Scan Modes
SureMDM offers various levels of scanning that help to monitor installed and potentially harmful apps as well as malware files.
Scan Mode | What It Scans |
---|---|
Basic Device Scan | Scans installed applications only. |
Light Device Scan | Scans to monitor rooted devices and downloads directory. Also includes basic mode functionalities. |
Light Plus | Scans to monitor unusual behavior and protect devices against viruses. Also includes root detection, Basic scanning functionalities, and scanning of the downloads directory. |
Recommended Device Scan | Scans to monitor unusual behavior and protect devices against viruses. Also includes Light scanning functionalities, and scanning of the entire internal storage. |
Full Device Scan | Thoroughly scans the overall device as well as external memory cards to detect infected objects and adware. |
How Easy Is It to Use 42Gears MTD?
42Gears’ mobile threat defense solution works through SureDefense, an on-device agent that performs scans. It is a highly powerful and adaptive tool for businesses that are looking to reduce the risk profile of supporting a mobile workforce.
Benefits of 42Gears MTD Solution and the SureDefense On-Device Agent
