The Best Mobile Threat Defense is Mobile Threat Detection

It’s time to add MTD to your Enterprise Mobile Management toolkit. Because it’s better to get ahead of mobile threats than it is to try and clean them up after you’ve been attacked.

The Best Mobile Threat Defense is Mobile Threat Detection

It’s time to add MTD to your Enterprise Mobile Management toolkit. Because it’s better to get ahead of mobile threats than it is to try and clean them up after you’ve been attacked.

As enterprises push ahead with mobile-first strategies – and employee smartphones and tablets increasingly become business tools – the importance of mobile threat defense (MTD) is growing.

Using mobile threat detection and defense, however, is no small task; the technology must cover applications, networks and device-level threats to iOS and Android phones and tablets to be effective.

"We talk about mobile threat defense, rather than detection – the reason being these solutions not only detect, but also can prevent and remediate threats," said Dionisio Zumerle, research director for mobile security at Gartner.

The MTD market is growing in terms of adoption, and has started to attract attention from endpoint protection platform (EPP) vendors and in other related markets, according to a recent report from Gartner.

By 2019, mobile malware will amount to one-third of total malware reported in standard tests, up sharply from 7.5% of malware today, according to Gartner's Market Guide for Mobile Threat Defense Solutions. By 2020, 30% of organizations will have MTD in place, up from the less than 10% who have it in place this year.

There is still a lot of confusion and uncertainty from end users regarding which risks MTD addresses and how urgent or useful it can be, Gartner said.

Mobile application "reputation solutions," which are used to perform app vetting, are converging with MTD in a single solution.

Machine learning plays a crucial role in threat detection

Additionally, machine learning has emerged as a foundational technology in mobile threat detection, even though it has only been around for a few years.

MTD and machine learning employs on-device software and crowdsourced threat intelligence and behavioral anomaly detection.

Machine learning, simply put, allows computers to develop more sophisticated behavior, such as pattern recognition, without being specifically programmed for it. The idea behind machine learning in MTD is for the software to sit in the background and monitor application and user behavior and identify anomalous behavior.

"By observing how devices behave, you can determine what is normal and what is abnormal behavior, and what might lead to a malicious action," Zumerle said. "Machine learning is one of the ways to speed this process up. Crowdsourcing is another component."

Malware is harder to find

The ability to monitor user and application behaviors is needed more than in the past. While malware has always been disguised as legitimate apps, it's harder to find now, according Jack Gold, principal analyst at J. Gold Associates, a mobile research firm. How you establish what is anomalous behavior is the hard part.

"Before, you could do a scan of the binary and find patterns that didn't match what they were supposed to do and detect it. Now, malware is often much more subtle and harder to find with a scan," Gold said. "You need to find the behavior of the app."

For instance, developers can build fake apps that pose as legitimate ones, say from Amazon, that will divert an end user to a site that can then steal the sensitive data they enter while attempting to make a purchase.

"How could you find that with a simple scan?" Gold said.

Another example are phishing attacks, which can't be detected through a scan either.

"So, behavior, both by the app and the person, is key to finding bad things happening, and [machine learning and artificial intelligence] are pretty good at that detection if properly trained," Gold said.

But it's a tug of war, Gold added, as the malware and anti-malware developers continue to get better.

"There's no 100% solution," he said, adding that enterprises hoping to thwart mobile threats need multiple levels of defense.

This Article Written By : itworld.com

For More Learn Click Here