Bring your own device – enterprise friend or foe?

By Milad Aslaner, Head of Technology Advisory Group, SentinelOne

When it comes to cybersecurity, it’s no secret that businesses have been investing considerable resources into covering traditional user endpoints like desktop workstations and laptops over the past few years. After all, these were the primary devices employees and customers used to connect to an organisation’s network.

However, the way that work gets done has evolved dramatically, with many workers not just using a computer during the standard working day, but also a mobile phone or tablet as well. Yet, many businesses are still operating under the assumption that it’s only the security of traditional endpoints like desktops and laptops that is worth considering.

Corporate use of mobile devices

By and large, organisations have welcomed the introduction of new devices into the workplace, as going mobile enables greater flexibility for workers and can boost productivity. The pandemic accelerated the shift towards conducting work on mobile devices to the point where 70% of businesses reported introducing bring-your-own-device (BYOD) policies to support their employees and 71% of businesses characterised mobile devices as very critical to their business, according to Verizon’s Mobile Security Index 2021.

Work now happens far beyond the four walls of the corporate office, and while this drives efficiency, it also has the unintended consequence of increasing the attack surface of a given business for hackers to exploit.

Now that mobile devices are a lynchpin of today’s hybrid work world, where do you begin when it comes to protecting smartphones and tablets?

Cyber risks of mobile devices

The risk to mobile endpoints is simple: sensitive business data is now being transmitted, downloaded and stored on mobile devices in a variety of settings, with an increasing number of these devices being personally owned. This mixes personal and professional data into one large melting pot. As mobile devices become increasingly integrated into our professional lives, the opportunity for hackers to find rich rewards proves too great a prospect to ignore.

Google’s Project Zero, which analyses the latest zero-day threats and vulnerabilities online, recently revealed that Android and iOS devices were involved in no less than 31% of zero-day vulnerabilities out in the field in 2021. This stark figure is all the more concerning, when you consider the rate of growth in risk for going mobile: according to Google, mobile devices were responsible for only 11% per cent of such zero-day vulnerabilities in 2020.

This suggests hackers are ramping up their efforts to breach mobile devices for data. While precise motivations are unclear, it’s possible that venturing into the mobile space is tempting new territory for cyber attackers, as the risk of being caught may seem far lower than through conventional endpoint attacks.

Taking mobile defence a step further

In the face of growing risks to data through mobile endpoints, some businesses have responded by trying to protect such devices with simple mobile device management (MDM) solutions. This quick fix has the appearance of being enough to do the job adequately, but in actual fact, MDM solutions are not considered a viable long-term means of protecting businesses. The reasons are numerous, including the fact that they lack security controls, protections and capabilities needed to block sophisticated threats.

Consider them a good start, but not the final answer to protecting enterprise mobile endpoints. Mobile threat defence (MTD) is the next level of protection required to provide the security needed, as it not only defends against attacks as they happen, but serves as a proactive solution, remediating threats as well as protecting against them. MTD solutions can enhance existing zero-trust controls by requiring mobiles devices to pass an inspection before the user is granted access. MTD also goes a step further, using AI to spot anomalous or malicious behaviour from potential threats, which can be stopped before an attack is made.

A further step is to integrate MTD with XDR (Extended Detection and Response), which extends beyond traditional EDR (Endpoint Detection and Response) and makes decisions based on data from more products. It can also take action across many other network data points, like email, network and identity.

A more robust approach to going mobile

As businesses increasingly move to include mobile devices as part of their device mix, a more robust approach to securing mobile devices is critical. Legacy mobile security tools lack the advanced approach to mobile endpoint security needed to keep up with modern-day threats.

Instead, purpose-built mobile security solutions like MTD and XDR bring a whole host of advanced security features to protect mobile devices, providing AI-powered protection that takes a more behavioural approach to threats – protecting everything from the smartphone in the pocket to the desktop in the office.

Mobile devices in the corporate environment are here to stay, and it’s imperative that organisations strengthen their mobile device security to avoid any of these devices becoming the starting point for a much bigger security incident.