By Amy Lee | September 17, 2013

“The vulnerability is tailored to a specific device,” says Dr. Guy Levy-Yurista, Chief Technology Officer at AirPatrol Corporation, a provider of wireless security based in Columbia, MD. “There’s some trial and error on the part of the hacker that would have to happen. It’s really (on) a device by device basis.”

Still, even one device is enough to endanger the security of a company’s entire network. A compromised device could act like a disease vector in an epidemic, spreading malware to everything around it.

“The potential impact for the adversary going after Fortune 500 or government agencies is extremely significant,” says Levy-Yurista. “Smartphones are completely different from PCs. We carry them around everywhere and anywhere, they provide access to all the data that we need and that we use, and they can become a Trojan horse in our pocket that can collect data about everything we’re doing.”

To find phones that may already be compromised, you may want to use mobile tracking and security software such as AirWatch, which should already have SIM card information for enrolled phones. But don’t rely on just one. Mobile device managers are often used by companies to control the settings for all the phones on that company’s network, but it may not be enough.

“Mobile applications are extremely compromisable,” says Tom Kellerman, VP of cybersecurity at TrendMicro, in Cupertino, CA. “Mobile device managers may wipe a device if its stolen, but you’re assuming they’re always secure — but any hacker can get underneath it and you’re going to assume the device is okay.”

Kellerman recommends the additional use of a mobile application reputation service, such as Veracode, which goes a step further to scan mobile apps to see what kind of information they may be passing along to third parties.

Of course, many of these mobile management systems only apply to phones that the company itself has given out — but with “bring your own device” policies on the rise, it might not be enough to check only the official devices.

“The biggest blind spot in enterprise is the ability to identify cell phones in an environment even if they’re not on the network,” says Levy-Yurista. “A lot of intrusion systems just look at WiFi connections, but if the hacker turns off the WiFi connectivity and is using the 3G or 4G, many security systems become completely useless.”

Locating every device in a location, even if those devices may or may not be company-issued, requires the use of monitoring not only devices, but data.

A mobile enterprise compliance and security server, such as Mobile Active Defense, works to ensure that data is not leaking outside of a secured network by rerouting traffic going across the selected devices through the security firm’s servers.

For the full article: