August 17, 2016
Gartner Market Guide for Mobile Threat Defense Solutions – What You Need to Know
Gartner published its “Market Guide for Mobile Threat Defense Solutions” a few weeks ago, and in my view it offers three key takeaways for security and IT leaders facing the challenge of securing mobility in their organizations.
In the guide, Gartner establishes a clear definition for Mobile Threat Defense (MTD), outlines the market’s direction through 2018, and provides the capabilities an MTD solution should have.
Let’s take a closer look at what I see as the “must know” takeaways from this report:
Takeaway #1: MTD solutions should provide four levels of protection
Here is Gartner’s market definition for Mobile Threat Defense:
“The MTD solutions market is made up of products that protect organizations from threats on mobile platforms, including iOS, Android and Windows 10 Mobile. MTD solutions provide security at one or more of these four levels:
- Device behavioral anomalies — MTD tools provide behavioral anomaly detection by tracking expected and acceptable use patterns.
- Vulnerability assessments — MTD tools inspect devices for configuration weaknesses that will lead to malware execution.
- Network security — MTD tools monitor network traffic and disable suspicious connections to and from mobile devices.
- App scans — MTD tools identify "leaky" apps (meaning apps that can put enterprise data at risk) and malicious apps, through reputation scanning and code analysis.*”
This definition is important because it makes clear what mobile threat defense solutions should protect against in enterprise environments and also further clarifies the role of MTD in securing mobility. To learn more about how MTD works with Enterprise Mobility Management (EMM) solutions to deliver more than the sum of their parts, read my earlier post, Insights from Gartner: When and How to Go Beyond EMM to Ensure Secure Enterprise Mobility.
Takeaway #2: MTD solutions are becoming increasingly important for enterprises
“It is becoming increasingly important that security leaders look at the anti-malware, mobile threat defense solutions market, the products available and how they should be used.*”
In my view, the main reason for raising the sense of urgency for enterprises to add MTD solutions is that the mobile security “workarounds” many organizations have been using are not long-term solutions. Approaches like improved employee awareness training and data loss prevention tools can’t detect or remediate mobile threats. Here at Lookout, our massive dataset of mobile threats gives me a front row seat to see how these threats are becoming more sophisticated and prevalent. My take is that Gartner is aware of these trends also, leading them to conclude:
“However, basic policy enforcement will not suffice indefinitely. As mobile attack techniques become more practical and realistic (for example, the Stagefright vulnerability exploit, the iOS malicious profile and XcodeGhost), enterprises will be required to more quickly ‘step up their games’ in terms of security.*”
This is some of the most imperative language that I’ve seen Gartner use, and I believe it’s worth noting. Whether “step up their games” means initiating a lab test for threat detection among MTD solutions or a small production pilot, now is the time to get started.
The bottom line here is that enterprise security leaders are now concerned about mobile threats and how access to corporate data is being secured on mobile devices. This report has validated that mobile isn’t a fringe threat. It’s mainstream.
Takeaway #3: Lookout delivers every key capability required for mobile threat defense
Of course, I’m also pleased to share that in the table of Functional Capabilities of MTD Vendors included in the market guide, Lookout Mobile Endpoint Security receives a check mark for delivering all four types of MTD protection: device behavioral anomalies, vulnerability assessments, network security, and app scans.
In addition to detecting malicious, sideloaded, and data-leaking apps on iOS and Android devices, and across mobile network connections, Lookout also offers several unique advantages:
- Lookout threat detection is based on app binaries, OS fingerprints, and network connections from a global network of 100 million mobile sensors.
- Integration with Microsoft Intune, in addition to VMware AirWatch and MobileIron.
The fact that Gartner has published the first Market Guide for Mobile Threat Defense Solutions is a milestone in the development of this technology category. Continue to follow Lookout for all the latest developments in MTD and beyond.
*Market Guide for Mobile Threat Defense Solutions, John Girard, Dionisio Zumerle, July 2016
©2016 GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved. Gartner, Inc., Market Guide for Mobile Threat Defense Solutions, John Girard, Dionisio Zumerle, 28 July 2016. The Gartner Report(s) described herein, (the “Gartner Report(s)”) represent(s) research opinion or viewpoints published, as part of a syndicated subscription service, by Gartner, Inc. (“Gartner”), and are not representations of fact. Each Gartner Report speaks as of its original publication date (and not as of the date of this Prospectus) and the opinions expressed in the Gartner Report(s) are subject to change without notice.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.