The year 2020 will be long-remembered for many reasons. Information telework – and the resulting explosion in use of mobile devices as network endpoints.
That means protection of mobile devices is more important than ever. More than securing devices and mobile workforce per se, it’s important to think of this effort as helping secure the agency enterprise itself.
As Bob Stevens, the vice president for the Americas as Lookout explained in a recent interview, agencies early in the pandemic response rushed to obtain mobile devices – smart phones and tablets, specifically – for those who suddenly needed them. Now, in a sort of second wave of activity, they are buttoning up this part of the enterprise. He said agencies are going to stick with teleworking on a large scale.
Key to understanding the best strategies for protecting mobile devices is to understand “they are outside the infrastructure. They’ve always been outside the infrastructure,” Stevens said. And yet, enterprise data comes into the devices for onboard processing and storage. Stevens said any strategy for securing mobile devices must prioritize the data.
He added, “Techniques to secure them is a defense in depth approach.” Elements of defense in depth include:
A virtual container on the device to isolate government applications and data from the user’s personal apps and data. “You’ll have your work inside that container where it’s protected and encrypted,” Stevens said.
VPN service for reaching back into the network that encrypts data in transit.
Anti-virus, anti-phishing and anti-man-in-the-middle attack software stack. In particular, Sevens, said, Lookout can detect when a session is being terminated by a seemingly benign WiFi connection that’s actually a man-in-the-middle attack collecting data – including credentials – coming from the device. These measures reinforce the container and add protection against unwanted root access (which can bypass the container) or jailbreaking.
Application monitor running on the device to ensure apps are free of malware.
“It’s really all of those things that are needed to protect the mobile devices,” Stevens said.
As for phishing, Stevens said this form of email remains the most common vector for sophisticated adversaries, such as nation-state actors, to get into a mobile device and the data it holds. Moreover, “what we know of phishing in the mobile world versus the desktop-laptop world is completely different,” he said.
“On a mobile device, phishing can happen many, many different ways,” Stevens said, including from text messages and in a myriad of apps like WhatsApp or mobile versions of social media. So a big part of minimizing the risk is training users to be alert for the mobile-specific phishing avenues.
Application monitoring, Stevens said, principally requires scanning them for viruses and other attacks, and checking to see if they are communicating only with authorized serves – and not servers in, say, China or Russia. Or whether it’s monitoring the user’s location.
Lookout’s technology, Stevens said, can scan at high speed applications users download. Applying artificial intelligence, “we can tell pretty quickly, whether it’s going to have either risky behavior or malicious behavior. And we’re going to notify both you and the organization to ensure that that no one actually uses that application.”
Also key to mobile device assurance is having visibility into all the devices being used on the network, if only to ensure that users have up-to-date operating systems that can accept the latest patches.
“It’s important to have the visibility into the operating systems you have deployed,” Stevens said, “because if you’ve got one that’s really old it could have a bunch of there’s no patch for because those companies stopped supporting those versions.”
Securing Mobile Devices in the Enterprise
The use of those devices has got to be a greater concern to all of the government agencies. And they've got to really pay attention and prioritize the securing of data. Telework happened in a big way a few months ago. Most agencies are going to stick with it for the foreseeable future, if not forever.
Vice President, Americas, Lookout
Phishing and the Analysis of Applications
Our back end infrastructure is set up so that when you download an app, we are analyzing that app. We can tell pretty quickly, whether it's going to have either risky behavior or malicious behavior. And we're going to notify both you and the organization to ensure that that no one actually uses that application.
Vice President, Americas, Lookout
Phishing Attacks, Cloud Applications and Supply Chain
We really need to start paying attention to fishing on mobile devices; it's becoming more and more prevalent today. So I think one of the things IT shops need to ensure is that they have some sort of fishing protection on their mobile devices. Because I can tell you that most of them today have nothing.
Bob Stevens heads up the Americas team at Lookout, where he focuses on providing mobile threat visibility and protection to enterprise and government entities. Bob has over 25 years of experience in the industry and prior to Lookout, he was in charge of the Symantec federal team, helping agencies secure their data. Before that he led the Juniper Network federal team and has held leadership positions at Network Equipment Technologies, Bivio Networks and Brocade Communications. Prior to entering the private sector, Bob served in the United States Air Force as a computer specialist at the White House Communications Agency. He is an avid golfer and loves cycling, running, boating, and camping.
Tom Temin has been the host of the Federal Drive since 2006. Tom has been reporting on and providing insight to technology markets for more than 30 years. Prior to joining Federal News Radio, Tom was a long-serving editor-in-chief of Government Computer News and Washington Technology magazines. Tom also contributes a regular column on government information technology.