How Secure Is MDM Security?

With the proliferation of mobile devices used for business, companies are looking for tighter security than MDM solutions can offer. Here’s how you can help them. By James E. Gaskin

Gartner predicts 1.2 billion smartphones and tablets will be sold in 2014. Companies that allow employees to use them for work must take security precautions, which is why MDM (mobile device management) software has become popular. But is that enough security? No.

"Mobile security models are different from PC models," says Ojas Rege, vice president of strategy for MobileIron, in Mountain View, Calif. "IT controls PCs and can download a patch or a full image, but with phones, only the operating system vendor can change the OS."

Android (Google-designed but modified by vendors) and iOS (controlled by Apple) run each application inside a sandbox, separating memory, storage, and app features from the operating system. Unlike a PC in which the apps can infect the OS, phones prevent that. That is why hackers target mobile device operating systems.

"The info that used to be on PCs is now on mobile devices, and the hackers know these have access to corporate data," says Michael Shaulov, CEO and co-founder of San Francisco-based Lacoon Security Ltd. "Targeted attacks have already compromised one out of every 1,000 smartphones."

MDM software uses either containers to encrypt local data and VPN connections, or wrappers to add encryption to third-party apps. Other features include the ability to prevent copying certain data to outside services and to remotely wipe a phone, making it useless to thieves.

Where Resellers Come In
"The new term 'EMM' for enterprise mobility management adds extra security modules and policies for mobile devices," says Rege. "Extra security, the policies to protect the device, and identity management are all areas where resellers can help their customers. There wasn't much of a market five years ago, but now companies are looking for mobility specialists. In fact, companies will bypass their normal systems integrator to work with a mobile security specialist." The most successful resellers are those who have invested in training to understand that a new security model needs to be put in place for mobile devices.

"This is a real opportunity for resellers," agrees Shaulov. "Provide MDM plus another product for security, and you can provide real value to your customers."

Lacoon's software, which layers well with MobileIron, works on the OS level and monitors malware-type behavior against apps, so it can protect against zero-day exploits and drive-by attacks.

"There's a misconception that MDM software can mitigate some of these threats by wrapping apps in a more secure way," says Shaulov. "But malware can propagate through those layers by exploiting the OS in both Android and iOS."

Both experts give the same blueprint for reseller success: Spend the time on mobile security to become a specialist, and work with good partners. To date, the most effective resellers are security groups and mobile specialists.

About the Author