May 25, 2017

min read

EMM With Unified MTD + MARS Is the Best Practice for Mobile Security

Gartner's recently published research, Compare EMM Security Ecosystems to Make a Strategic Selection, confirms my belief that mobile security technology is moving towards a convergence of Mobile Threat Defense (MTD) and Mobile App Reputation Solutions (MARS).

"Note that MARS is converging with MTD and will likely not remain a stand-alone market. Technical professionals evaluating MARS products should favor MTD products that include MARS."

Gartner, Compare EMM Security Ecosystems to Make a Strategic Selection, May 2017

Enterprise security leaders want a comprehensive offering for mobile security because point solutions are more difficult to manage and may leave gaps in coverage - given that the Spectrum of Mobile Risk elements are fundamentally interrelated. The key insight for CISOs now is twofold: 1. That a unified "MTD + MARS" solution is a must-have, and 2. Enterprises must be able to set and enforce policies in both the MTD and MARS components, with congruent response and remediation.

The policy management capability is so critical because even multinational organizations tend to have resource-constrained security teams who - in addition to everything else on their plates - need to manage employee access to mobile apps, at global scale, in order to prevent potential data leakage.

Secure mobility requires MTD, MARS, and the capability to set custom policies

Choosing an EMM solution now depends in part on how well it integrates with MTD, with the understanding that MTD must now also deliver the same visibility into mobile app behaviors previously offered in a separate MARS point product.

"Technical professionals tasked with selecting an EMM should: Prioritize identity management, mobile threat defense (MTD) and certificate infrastructure integrations as the most critical."

Gartner, Compare EMM Security Ecosystems to Make a Strategic Selection, May 2017

Getting visibility into app behaviors is critical because so many apps handle and send sensitive data in ways that has the potential put the confidentiality, integrity, and availability of that data at risk.

According to exclusive research by the Lookout Security Intelligence team, across enterprise iOS devices protected by Lookout:

  • 30% of apps access contact records
  • 30% of apps access GPS
  • 31% of apps access the calendar
  • 39% of apps access the microphone
  • 75% of apps access the cameras

The high prevalence of apps accessing data from mobile devices is a clear sign to all organizations, and specifically to regulated industries, that there is a data leakage risk from non-malicious apps. While several of those apps might have a legitimate need to access such data, enterprise security leaders want the ability to quickly narrow down to a set of apps that exhibit a combination of behaviors that the enterprise might deem particularly risky. To mitigate such risk without the burden of manual work, security and IT teams must be able to set custom policies that prevent potential leakage of the most sensitive types of data for your industry. For example, if doctors have mobile devices with HIPAA protected patient records, then set a policy that restricts doctors at your hospital from using apps that access contact records.

Big data is the key to solving the mobile security problem

Lookout is able to deliver the leading MTD + MARS solution because our corpus of apps is now over 40 million, an order of magnitude larger than any competitive product. This unique dataset of app behaviors provides the visibility admins need in order to set policies that protect corporate data against leakage in the most scalable and effective manner.

MTD + MARS and Lookout

Without the ability to set custom policies, a MARS product is just a way for security professionals to "click into apps to see what they do," or simply another process to submit apps for review by the vendor one at a time. Neither of these approaches is scalable or efficient.

The best practice for enterprise mobile security is now integrating EMM with a unified MTD + MARS solution that provides the ability to set custom policies for malicious and data leaking apps.