75% of mobile security breaches due to mobile app misconfiguration
TweetFollow Us on Twitter

75% of mobile security breaches due to mobile app misconfiguration

Nearly 2.2 billion smartphones and tablets will be sold to end users in 2014 according to Gartner, Inc. (www.gartner.com) While security incidents originating from mobile devices are rare, the research group says that by 2017, 75% of mobile security breaches will be the result of mobile application misconfiguration.

"Mobile security breaches are — and will continue to be — the result of misconfiguration and misuse on an app level, rather than the outcome of deeply technical attacks on mobile devices," says Dionisio Zumerle, principal research analyst at Gartner. "A classic example of misconfiguration is the misuse of personal cloud services through apps residing on smartphones and tablets. When used to convey enterprise data, these apps lead to data leaks that the organization remains unaware of for the majority of devices."

With the number of smartphones and tablets on the increase, and a decrease in traditional PC sales, attacks on mobile devices are maturing. By 2017, Gartner predicts that the focus of endpoint breaches will shift to tablets and smartphones.
To do significant damage in the mobile world, malware needs to act on devices that have been altered at an administrative level.

"The most obvious platform compromises of this nature are 'jailbreaking' on iOS or 'rooting' on Android devices. They escalate the user's privileges on the device, effectively turning a user into an administrator," says Zumerle.

While these methods allow users to access certain device resources that are normally inaccessible (in fact, in most cases they are performed deliberately by users), they also put data in danger. This is because they remove app-specific protections and the safe "sandbox" provided by the operating system.

They can also allow malware to be downloaded to the device and open it up to all sorts of malicious actions, including extraction of enterprise data. "Rooted" or "jailbroken" mobile devices also become prone to brute force attacks on passcodes.
The best defense is to keep mobile devices fixed in a safe configuration by means of a mobile device management (MDM) policy, supplemented by app shielding and 'containers' that protect important data.

Gartner recommends that IT security leaders follow an MDM/enterprise mobility management baseline for Apple and Android devices as follows:

° Ask users to opt in to basic enterprise policies, and be prepared to revoke access controls in the event of changes. Users that are not able to bring their devices into basic compliance must be denied (or given extremely limited) access.

° Require that device passcodes include length and complexity as well as strict retry and timeout standards.

° Specify minimum and maximum versions of platforms and operating systems. Disallow models that cannot be updated or supported.

° Enforce a "no jailbreaking/no rooting" rule, and restrict the use of unapproved third-party app stores. Devices in violation should be disconnected from sources of business data, and potentially wiped, depending on policy choices.

° Require signed apps and certificates for access to business email, virtual private networks, Wi-Fi and shielded apps.

IT security leaders also need to use network access control methods to deny enterprise connections for devices that exhibit potentially suspicious activity.

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Latest Forum Discussions

See All

Avatar Legends: Realms Collide pre-regis...
Despite the staying power that the series has, Avatar: The Last Airbender surprisingly fumbled in the mobile gaming sphere, with Generations shuttering about a mere year after launch. Now, Tilting Point is giving it a go, with the upcoming Avatar... | Read more »
Return to the glory days of tactical RPG...
Back on the old Sega Mega Drive, or Genesis depending on where you are, there was a little series of tactical role-playing games called Shining Force, and I adored them. It started a love for this grid-based genre that persisted through the years... | Read more »
Take on the grandest beasts of all as th...
It has been hyped for a while but now it is finally here, the new Dancing in the Tempest season has arrived in Monster Hunter Now. Kicking off a banner summer for the game, it is time to strap on your boots and face the greatest threat yet, as the... | Read more »
The indie hit Vault of the Void will lan...
In a market where a lot of AAA games are starting to feel like reboots, remakes, or the same thing we’ve seen ten times with a different name slapped on it, indie developers are a boon. Especially ones who build a successful game singlehandedly,... | Read more »
Stumble Guys tries to catch up to the hy...
Do you remember when the Fallout TV series launched on Amazon and everyone nearly lost their minds? Well, it appears that Scopely missed that particular craze, and only now are we going to get a Fallout crossover, and by now, I mean in version 0.... | Read more »
Bid farewell to Penacony as Honkai: Star...
Penacony has been a story of twists, exciting new characters, and strong allies, and soon Honkai: Star Rail will be finishing it with a bang. Version 2.3, fittingly titled Farewell Penacony, will be launching June 19th and will feature updates to... | Read more »
HoYoverse roll out their plans for Anime...
For those who are looking to book a getaway in July, you might give some thought to Los Angeles between the 4th and 7th, which just so happens to coincide with the Anime Expo 2024. Amongst all the storied attendees is HoYoverse, who will be... | Read more »
The first rule of Brok the InvestiGator...
Mobile gamers were recently able to get their hands on BROK the InvestiGator, a point-and-click following the adventures of the titular reptile, a detective who can solve crimes through wit or brawn. If you were one that chose the latter then... | Read more »
Diablo Immortal celebrates second annive...
It has been two years since Diablo Immortal launched and despite some very valid criticism of its business model, it has done pretty well for itself. The Tempest class also gives it a lot of grace. To celebrate this anniversary, the March of the... | Read more »
Pokemon GO pulls on its jersey for a foo...
There have been a lot of jokes about this, some by me, but Pokemon Go has genuinely done a lot of good by getting people out and about.Pokemon GO Fest 2024: Madrid is fast approaching, and Niantic has set up a new area in a bit to get people to... | Read more »
See All

Price Scanner via MacPrices.net

Apple Watch Ultra Watch 2 on sale for $719, s...
Amazon is offering an $80 discount on every Apple Watch Ultra 2 model this week. Their price is now $719. Shipping is free. For the latest prices & deals, keep an eye on our Apple Watch Price... Read more
New sale at Amazon: 16-inch M3 Pro and M3 Max...
Amazon is offering instant discounts on 16″ M3 Pro and 16″ M3 Max MacBook Pros ranging up to $350 off MSRP. Shipping is free. These are the lowest prices currently available for new 16″ Apple MacBook... Read more
Get a 13-inch M2 MacBook Air today at Apple f...
Apple has 13″ M2 MacBook Airs available for only $849 today in their Certified Refurbished store. These are the cheapest M2-powered MacBooks for sale at Apple. Apple’s one-year warranty is included,... Read more
Clearance Mac Studio with M1 Max CPU availabl...
Apple has clearance M1 Max Mac Studios available in their Certified Refurbished store for $270 off original MSRP. Each Mac Studio comes with Apple’s one-year warranty, and shipping is free: – Mac... Read more
Apple has 24-inch M3 iMacs on sale for $200-$...
Apple has a full line of 24-inch M3 iMacs available in their Certified Refurbished store starting at $1099 and ranging up to $260 off original MSRP. Each iMac is in like-new condition and comes with... Read more
24-inch M1 iMacs are available at Apple start...
Apple has clearance M1 iMacs available in their Certified Refurbished store starting at $1049 and ranging up to $300 off original MSRP. Each iMac is in like-new condition and comes with Apple’s... Read more
Back to School savings: Take $50-$100 off new...
Apple will take $50-$100 off new 11″ and 13″ M2 iPad Airs for all teachers, students, and staff of any educational institution with a .edu email address as part of their Apple Education discount,... Read more
Could A Smarter Siri Infused With AI (‘Apple...
FEATURE – The iPhone is already smart, but it’s about to become more intelligent. AI — short for artificial intelligence — is widely expected to be the main topic of discussion at this year’s WWDC (... Read more
Update: For WWDC, Amazon has lowered prices o...
Amazon has every configuration and color of Apple’s M3 MacBook Airs now on sale for $170-$210 off MSRP, starting at only $899 shipped, as Apple holds their annual WWDC conference this week. Their... Read more
Deal Alert! 2nd-generation Apple AirPods on s...
Amazon has 2nd generation Apple AirPods on sale right now for only $79.99 shipped. That’s $50 (38%) off Apple’s MSRP. Their price is the lowest currently available for a new set of AirPods from any... Read more
 

Jobs Board

Beauty Consultant - *Apple* Blossom Mall -...
Beauty Consultant - Apple Blossom Mall Location:Winchester, VA, United States (https://jobs.jcp.com/jobs/location/191170/winchester-va-united-states) - Apple Read more
Senior Software Engineer - *Apple* Fundamen...
…center of Microsoft's efforts to empower our users to do more. The Apple Fundamentals team focused on defining and improving the end-to-end developer experience in Read more
Sublease Associate Optometrist- *Apple* Val...
Sublease Associate Optometrist- Apple Valley, CA- Target Optical Date: Jun 17, 2024 Brand: Target Optical Location: Apple Valley, CA, US, 92307 **Requisition Read more
Rehabilitation Medicine Technician - *Apple*...
Rehabilitation Medicine Technician - Apple Hill (Outpatient Clinic) - Day/Evening Location: York Hospital, York, PA Schedule: Part Time Sign-On Bonus Eligible Read more
Operations Associate - *Apple* Blossom Mall...
Operations Associate - Apple Blossom Mall Location:Winchester, VA, United States (https://jobs.jcp.com/jobs/location/191170/winchester-va-united-states) - Apple Read more

  • Generate a short URL for this page:



All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.