Skip to content

Posts from the ‘MobileIron’ Category

Sep 12

What’s New In Gartner’s Hype Cycle For Endpoint Security, 2020

What’s New In Gartner’s Hype Cycle For Endpoint Security, 2020

  • Remote working’s rapid growth is making endpoint security an urgent priority for all organizations today.
  • Cloud-first deployment strategies dominate the innovations on this year’s Hype Cycle for Endpoint Security.
  • Zero Trust Security (ZTNA) is gaining adoption in enterprises who realize identities are the new security perimeter of their business.
  • By 2024, at least 40% of enterprises will have strategies for adopting Secure Access Service Edge (SASE) up from less than 1% at year-end 2018.

These and many other new insights are from Gartner Hype Cycle for Endpoint Security, 2020 published earlier this year and the recent announcement, Gartner Says Bring Your Own PC Security Will Transform Businesses within the Next Five Years. Gartner’s definition of Hype Cycles includes five phases of a technology’s lifecycle and is explained here.  There are 20 technologies on this year’s Hype Cycle for Endpoint Security. The proliferation of endpoint attacks, the rapid surge in remote working, ransomware, fileless and phishing attacks are together, creating new opportunities for vendors to fast-track innovation. Cloud has become the platform of choice for organizations adopting endpoint security today, as evidenced by the Hype Cycle’s many references to cloud-first deployment strategies.  The Gartner Hype Cycle for Endpoint Security, 2020, is shown below:

What’s New In Gartner’s Hype Cycle For Endpoint Security, 2020

 

Details Of What’s New In Gartner’s Hype Cycle for Endpoint Security, 2020

  • Five technologies are on the Hype Cycle for the first time reflecting remote working’s rapid growth and the growing severity and sophistication of endpoint attacks. Unified Endpoint Security, Extended Detection and Response, Business E-Mail Compromise Protection, BYOPC Security and Secure Access Service Edge (SASE) are the five technologies added this year. Many organizations are grappling with how to equip their remote workforces with systems, devices and smartphones, with many reverting to have employees use their own. Bring your PC (BYOPC) has become so dominant so fast that Gartner replaced BYOD on this year’s Hype Cycle with the new term. Gartner sees BYOPC as one of the most vulnerable threat surfaces every business has today. Employees’ devices accessing valuable data and applications continues to accelerate without safeguards in place across many organizations.
  • Extended detection and response (XDR) are on the Hype Cycle for the first time, reflecting the trend of vendor consolidation across cybersecurity spending today. Gartner defines XDR as a vendor-specific, threat detection and incident response tool that unifies multiple security products into a security operations system. XDR and its potential to reduce the total cost and complexity of cybersecurity infrastructures is a dominant theme throughout this year’s Hype Cycle. XDR vendors are claiming that their integrated portfolios of detection and response applications deliver greater accuracy and prevention than stand-alone systems, driving down Total Cost of Ownership (TCO) and increasing productivity. Key vendors in XDR include Cisco, FireEye, Fortinet, McAfee, Microsoft, Palo Alto Networks, Sophos, Symantec and Trend Micro.
  • Business email compromise (BEC) protection is on the Hype Cycle for the first time this year. Phishing attacks cost businesses $1.8B in 2019, according to the FBI, underscoring the need for better security in the area of business email. Gartner defines business email compromise (BEC) protection as a series of solutions that detect and filter malicious emails that fraudulently impersonate business associates to misdirect funds or data. There have been many instances of business email compromise attacks focused on C-level executives, hoping that a fraudulent directive from them to subordinates leads to thousands of dollars being transferred to outside accounts or being sent in gift cards. Gartner found that fraudulent invoices accounted for 39% of such attacks in 2018, posing an internal risk to organizations and reputation risk.
  • Unified Endpoint Security (UES) is being driven by IT organizations’ demand for having a single security console for all security events. Gartner notes that successful vendors in UES will be those that can demonstrate significant productivity gains from the integration of security and operations and those that can rapidly process large amounts of data to detect previously unknown threats. CIOs and CISOs are looking for a way to integrate UES and Unified Endpoint Management (UEM), so their teams can have a single, comprehensive real-time console of all devices that provides alerts of any security events. The goal is to adjust security policies across all devices. Absolute’s approach to leveraging their unique persistence, resilience and intelligence capabilities are worth watching. Their approach delivers unified endpoint security by relying on their Endpoint Resilience platform that includes a permanent digital tether to every endpoint in the enterprise. By having an undeletable digital thread to every device, Absolute is enabling self-healing, greater visibility and control. Based on conversations with their customers in Education and Healthcare, Absolute’s unique approach gives IT complete visibility into where every device is at all times and what each device configuration looks like in real-time.
  • Unified Endpoint Management (UEM) is expanding rapidly beyond managing PCs and mobile devices to provide greater insights from endpoint analytics and deeper integration Identity and Access Management. Gartner notes interest in UEM remains strong and use-case-driven across their client base. UEM’s many benefits, including streamlining continuous OS updates across multiple mobile platforms, enabling device management regardless of the connection and having an architecture capable of supporting a wide range of devices and operating systems are why enterprises are looking to expand their adoption of UEM. Another major benefit enterprises mention is automating Internet-based patching, policy, configuration management. UEM leaders include MobileIron, whose platform reflects industry leadership with its advanced unified endpoint management (UEM) capabilities. MobileIron provides customers with additional security solutions integrated to their UEM platform, including passwordless multi-factor authentication (Zero Sign-On) and mobile threat defense (MTD). MTD is noteworthy for its success at MobileIron customers who need to validate devices at scale, establish user context, verify network connections, then detect and remediate threats.
  •  Gartner says ten technologies were either removed or replaced in the Hype Cycle because they’ve evolved into features of broader technologies or have developed into tools that address more than security. The ten technologies include protected browsers, DLP for mobile devices, managed detection and response, user and entity behavior analytics, IoT security, content collaboration platforms, mobile identity, user authentication, trusted environments and BYOD being replaced by BYOPC.

 

Aug 23

5 Ways Machine Learning Can Thwart Phishing Attacks

5 Ways Machine Learning Can Thwart Phishing Attacks

Mobile devices are popular with hackers because they’re designed for quick responses based on minimal contextual information. Verizon’s 2020 Data Breach Investigations Report (DBIR) found that hackers are succeeding with integrated email, SMS and link-based attacks across social media aimed at stealing passwords and privileged access credentials. And with a growing number of breaches originating on mobile devices according to Verizon’s Mobile Security Index 2020, combined with 83% of all social media visits in the United States are on mobile devices according to Merkle’s Digital Marketing Report Q4 2019, applying machine learning to harden mobile threat defense deserves to be on any CISOs’ priority list today.

How Machine Learning Is Helping To Thwart Phishing Attacks

Google’s use of machine learning to thwart the skyrocketing number of phishing attacks occurring during the Covid-19 pandemic provides insights into the scale of these threats. On a typical day, G-Mail blocks 100 million phishing emails. During a typical week in April of this year, Google’s G-Mail Security team saw 18M daily malware and phishing emails related to Covid-19. Google’s machine learning models are evolving to understand and filter phishing threats, successfully blocking more than 99.9% of spam, phishing and malware from reaching G-Mail users. Microsoft thwarts billions of phishing attempts a year on Office365 alone by relying on heuristics, detonation and machine learning strengthened by Microsoft Threat Protection Services.

42% of the U.S. labor force is now working from home, according to a recent study by the Stanford Institute for Economic Policy Research (SIEPR). The majority of those working from home are in professional, technical and managerial roles who rely on multiple mobile devices to get their work done. The proliferating number of threat surfaces all businesses have to contend with today is the perfect use case for thwarting phishing attempts at scale.

What’s needed is a machine learning engine capable of analyzing and interpreting system data in real-time to identify malicious behavior. Using supervised machine learning algorithms that factor in device detection, location, user behavior patterns and more to anticipate and thwart phishing attacks is what’s needed today. It’s a given that any machine learning engine and its supporting platform needs to be cloud-based, capable of scaling to analyze millions of data points. Building the cloud platform on high-performing computing clusters is a must-have, as is the ability to iterative machine learning models on the fly, in milliseconds, to keep learning new patterns of potential phishing breaches. The resulting architecture would be able to learn over time and reside on the device recursively. Protecting every endpoint if it’s connected to WiFi or a network or not is a key design goal that needs to be accomplished as well. MobileIron recently launched one of the most forward-thinking approaches to solving this challenge and its architecture is shown below:

5 Ways Machine Learning Can Thwart Phishing Attacks

Five Ways Machine Learning Can Thwart Phishing Attacks 

The one point of failure machine learning-based anti-phishing apps continue to have is lack of adoption. CIOs and CISOs I’ve spoken with know there is a gap between endpoints secured and the total endpoint population. No one knows for sure how big that gap is because new mobile endpoints get added daily. The best solution to closing the gap is by enabling on-device machine learning protection. The following are five ways machine learning can thwart phishing attacks using an on-device approach:

1.    Have machine learning algorithms resident on every mobile device to detect threats in real-time even when a device is offline.  Creating mobile apps that include supervised machine learning algorithms that can assess a potential phishing risk in less than a second is what’s needed. Angular, Python, Java, native JavaScript and C++ are efficient programming languages to provide detection and remediation, so ongoing visibility into any malicious threat across all Android and iOS mobile devices can be tracked, providing detailed analyses of phishing patterns. The following is an example of how this could be accomplished:

5 Ways Machine Learning Can Thwart Phishing Attacks

2.    Using machine learning to glean new insights out of the massive amount of data and organizations’ entire population of mobile devices creates a must-have.  There are machine learning-based systems capable of scanning across an enterprise of connected endpoints today. What’s needed is an enterprise-level approach to seeing all devices, even those disconnected from the network.

3.    Machine learning algorithms can help strengthen the security on every mobile device, making them suitable as employees’ IDs, alleviating the need for easily-hackable passwords. According to Verizon, stolen passwords cause 81% of data breaches and 86% of security leaders would do away with passwords, if they could, according to a recent IDG Research survey. Hardening endpoint security to the mobile device level needs to be part of any organizations’ Zero Trust Security initiative today. The good news is machine learning algorithms can thwart hacking attempts that get in the way making mobile devise employees’ IDs, streamlining system access to the resources they need to get work done while staying secure.

4.    Keeping enterprise-wide cybersecurity efforts focused takes more than after-the-fact analytics and metrics; what’s needed is look-ahead predictive modeling based machine learning data captured at the device endpoint.  The future of endpoint resiliency and cybersecurity needs to start at the device level. Capturing data at the device level in real-time and using it to train algorithms, combined with phishing URL lookup, and Zero Sign-On (ZSO) and a designed-in Zero Trust approach to security are essential for thwarting the increasingly sophisticated breach attempts happening today.

5.    Cybersecurity strategies and the CISOs leading them will increasingly be evaluated on how well they anticipate and excel at compliance and threat deterrence, making machine learning indispensable to accomplishing these tasks. CISOs and their teams say compliance is another area of unknowns they need greater predictive, quantified insights into. No one wants to do a compliance or security audit manually today as the lack of staff due to stay-at-home orders makes it nearly impossible and no one wants to jeopardize employee’s health to get it done.  CISOs and teams of security architects also need to put as many impediments in front of threat actors as possible to deter them, because the threat actor only has to be successful one time, while the CISO/security architect have to be correct 100% of the time. The answer is to combine real-time endpoint monitoring and machine learning to thwart threat actors while achieving greater compliance.

Conclusion

For machine learning to reach its full potential at blocking phishing attempts today and more advanced threats tomorrow, every device needs to have the ability to know if an email, text or SMS message, instant message, or social media post is a phishing attempt or not. Achieving this at the device level is possible today, as MobileIron’s recently announced cloud-based Mobile Threat Defense architecture illustrates. What’s needed is a further build-out of machine learning-based platforms that can adapt fast to new threats while protecting devices that are sporadically connected to a company’s network.

Machine learning has long been able to provide threat assessment scores as well. What’s needed today is greater insights into how risk scores relate to compliance. Also, there needs to be a greater focus on how machine learning, risk scores, IT infrastructure and the always-growing base of mobile devices can be audited. A key goal that needs to be achieved is having compliance actions and threat notifications performed on the device to shorten the “kill chain” and improve data loss prevention.

Mar 15

Five Interesting Takeaways From RSA Conference 2020

Five Interesting Takeaways From RSA Conference 2020

 

Bottom Line: Passwordless authentication, endpoint security, cloud-native SIEM platforms, and new API-based data security technologies were the most interesting tech developments, while keynotes focusing on election security, industrial control systems’ vulnerabilities and the persistent threat of state-sponsored ransomware dominated panel discussion.

This year’s RSA Conference was held February 24th to 28th in San Francisco’s Moscone Center, attracting more than 36,000 attendees, 704 speakers, and 658 exhibitors unified by the theme of the Human Element in cybersecurity. The conference’s agenda is here, with many session recordings and presentation slides available for download. Before the conference, RSA published the RSAC 2020 Trend Report (PDF, 13 pp., no opt-in). RSA received 2,400 responses to their Call for Speakers and based their report on an analysis of all submissions. The ten trends in the RSAC 2020 Trend Report are based on an analysis of all papers submitted to the conference. It’s a quick read that provides a synopsis of the main themes of the excellent sessions presented at RSAC 2020.

The following are the five most interesting takeaways from the 2020 RSA Conference:

  • Endpoint security products dominated the show floor, with over 120 vendors promoting their unique solutions. There were over 50 presentations and panels on the many forms of endpoint security as well. Instead of competing for show attendees’ attention on the show floor, Absolute Software took the unique approach of completing a survey during RASC 2020. Absolute’s team was able to interview 100 respondents, with most holding the position of a manager/supervisor or C-level executive. More than three in four respondents reported their organizations are using endpoint security tools, multi-factor authentication, and employee training and education to protect data, devices, and users. You can review their survey results here.
  • The number of vendors claiming to have Zero Trust solutions grew 50% this year, from 60 in 2019 to 91 in 2020. There continues to be a lot of hype surrounding Zero Trust, with vendors having mixed results with their product and messaging strategies in this area. A good benchmark to use for evaluating vendors in the Zero Trust market is the Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019, written by Chase Cunningham and published on October 29, 2019. I’ve summarized the lessons learned in the post, What’s New on the Zero Trust Security Landscape In 2019.
  • Over 30 vendors claimed to have passwordless authentication that met the current FIDO2 standard. In keeping with the theme of this year’s RSA Conference of Human Element, vendors offering passwordless authentication were out in force. Centrify, Entrust Datacard, HID Global, Idaptive, ImageWare, MobileIron, Thales, and many others promoted their unique approaches to passwordless authentication, leveraging the FIDO2 standard. FIDO2 is the latest set of specifications from the FIDO Alliance, an industry standards organization that provides interoperability testing and certification for servers, clients, and authenticators that meet FIDO2 specifications. I’ve written a separate post just on this topic, and you can find it here, Why Your Biometrics Are Your Best Password. 
  • Cloud-based security information and event management (SIEM) systems capable of integrating with 3rd party public cloud platforms reflect the maturity nature of this market. Of the several vendors claiming to have cloud-based SIEM, Microsoft’s Azure Sentinel’s demo showed in real-time how fusion AI technology can parse large volumes of low fidelity signals into a few important incidents for SecOps teams to focus on. Microsoft said that in December 2019 alone, Azure Sentinel evaluated nearly 50 billion suspicious signals, isolating them down to just 25 high-confidence incidents for SecOps teams to investigate. The following graphic explains how Azure Sentinel Fusion works.
  • One of the most interesting startups at RSA was Nullafi, who specializes in a novel API-based data security technology that combines data aliasing, vaulting, encryption, and monitoring to create an advanced data protection platform that makes hacked data useless to hackers. What makes Nullafi noteworthy is how they’ve been able to build a data architecture that protects legacy and new infrastructures while making the original data impossible for a hacker to reverse engineer and gain access to. It desensitizes critical data so that it’s useless to hackers but still useful for an organization to keep operating, uninterrupted by a breach to your business. Nullafi is built to AWS GovCloud standards. The Nullafi SDK encrypts the data before sending it to the Nullafi API. It then re-encrypts the data within their zero-knowledge vault in the cloud (or on-premises). The result is that no sensitive data in any format is shared with Nullafi that could be used or lost, as their architecture doesn’t have visibility into what the actual data looks like. The following graphic explains their architecture:

 

Jan 28

Five Factors Predicting The Future Of MacOS Management And Security

Bottom Line: Going into 2020, CISOs’ sense of urgency for managing their fleets of Android, Apple iOS & macOS, Windows Phone, and Windows 10 devices all from an integrated Unified Endpoint Management (UEM) is transforming the MacOS Management and Security landscape.

For many, CISOs, the highest priority project they’re starting the New Year with is getting their diverse fleet of devices on a common unified endpoint management platform. “We’ve gone through no less than a dozen UEMs (Unified Endpoint Management) systems, and they are either very good at supporting iOS and macOS or terrible at every other operating system or vice versa,” the CISO of a leading insurance and financial services firm told me over lunch recently. “Our sales, marketing, graphic artists, DevOps, and Customer Success teams all are running on Macs and iPhones, which makes it even more of a challenge to get everyone on the same endpoint management platform.” He went on to explain that the majority of macOS and iOS endpoint management systems aren’t built to support the advanced security he needs for protecting Android, Windows Phone, and Windows 10 devices.

Unified Endpoint Management is a key CISO priority in 2020

macOS and iOS devices had their own endpoint management tools in previous years when they were limited in use. Now they’re common in the enterprise and need to be considered part of an organization-wide fleet of devices, making it a high priority to add them to the unified endpoint management platform all other devices are on. Further accelerating this change is the success of BYOD policies that give employees the choice of using the tablets, smartphones, and laptops they’re the most productive with. One CISO told me their BYOD program made it clear macOS and iOS are the de facto standard across their enterprise.

While endpoint management platforms are going through an Apple-driven inflection point, forcing the need for a more inclusive unified endpoint management strategy, CISOs are focusing on how to improve application and content control at the same time. How enterprises choose to solve that challenge are predicting the future of MacOS management and security.

Five Factors Driving the Future of macOS Management and Security

CISOs piloting and only buying platforms that can equally protect every device operating system, macOS, and iOS’ rapidly growing enterprise popularity and better support for adaptive access are a few of the catalysts redefining the landscape today. The following five factors are defining how MacOS Management and Security will improve in 2020:

  • Enterprises need more effective endpoint and application management that includes Android, Apple iOS & macOS, Windows Phone, and Windows 10. There’s a major gap in how effective endpoint protection is across the UEM platforms today. Data-at-risk encryption and App distribution, or how well a UEM system can create, update, and distribute macOS applications are two areas cybersecurity teams are focusing on today.

Five Factors Predicting The Future Of MacOS Management And Security

  • System integration options needs to extend beyond log reports and provide real-time links to Security Information and Event Management (SIEM) systems. CISOs and their cybersecurity teams need real-time integration to incident management systems so they can be more effective troubleshooting potential breach attempts. Sharing log files across other systems is a first step, yet real-time integration is clearly what’s needed to protect enterprises’ many devices and threat surfaces today. The following Splunk dashboard illustrates the benefits of having real-time integration beyond log reports, encompassing SIEM systems:

Five Factors Predicting The Future Of MacOS Management And Security

  • UEM platforms that differentiate between corporate-owned and personal devices, content and authentication workflows, and data are defining the future of macOS Management and Security. Key factors that CISOs need in this area of unmanaged device support include more effective content separation, improved privacy settings, support for actions taken on personally-owned devices, and role-based privacy settings. MobileIron is a leader in this area, with enterprises currently using their role-based workflows to limit and verify access to employee-owned devices. MobileIron can also limit IT’s scope of control over an employee device, including turning off location tracking.
  • Support and proven integration of Identity solutions such as Okta, Ping Identity, Microsoft, and Single sign-on (SSO) are defining the future of adaptive access today. This is the most nascent area of UEM platform development today, yet the one area that CISOs need the greatest progress on this year. Endpoint protection and system integration are the two areas that most define how advanced a given UEM providers’ platform is today.
  • The ability to provision, revoke, and manage device certificates over their lifecycles is becoming a must-have in enterprises today. UEM platforms, in large part, can handle certificate device provisioning, yet Certificate Authority (CA) integration is an area many struggle with. CISOs are asking for more effective certificate lifecycle management, especially given the proliferation of macOS and iOS devices.

Conclusion

The five factors of MacOS management and security are transforming the Unified Endpoint Management (UEM) solution landscape. CISOs often speak of wanting to have a more integrated UEM strategy, one that can provide better SIEM system integration, differentiate between corporate-owned and personal devices, and also manage the lifecycles of device certificates. MobileIron has proven their ability to scale in a BYOD world and is a UEM vendor to watch in 2020.

Nov 27

1 Comment

What’s New On The Zero Trust Security Landscape In 2019

What’s New On The Zero Trust Security Landscape In 2019

  • Forrester added in Checkpoint, Forescout, Google, illumio, MobileIron, Proofpoint, Symantec, and Unisys in their latest Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers this year.
  • Forrester’s 2019 scorecard increased the weight on network security, automation and orchestration, and portfolio growth rate compared to last year, adding in Zero Trust eXtended (ZTX) ecosystem advocacy to the scorecard for the first time.
  • Microsoft and VMWare are no longer included in the Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers this year.

These and many other interesting insights are from what’s new in the Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019, written by Chase Cunningham and published on October 29, 2019. Chase is a leading authority on Zero Trust Security, and I was fortunate to have the opportunity to interview him earlier this year. You can read the interview here,10 Questions With Chase Cunningham On Cybersecurity. Forrester included 14 vendors in this assessment: Akamai Technologies, Check Point, Cisco, Cyxtera Technologies, Forcepoint, Forescout, Google, illumio, MobileIron, Okta, Palo Alto Networks, Proofpoint, Symantec, and Unisys. The following is the Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019 graphic from the free reprint offered by MobileIron here.

Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019

 

Summary of What’s New In Forrester’s Zero Trust Wave This Year

The latest Forrester Wave adds in and places high importance on Zero Trust eXtended (ZTX) ecosystem advocacy, allocating 25% of the weight associated with the Strategy section on the scorecard. Forrester sees Zero Trust as a journey, with vendors who provide the greatest assistance and breadth of benefits on a unified platform being the most valuable. The Wave makes it clear that Zero Trust doesn’t refer to a specific technology but rather the orchestration of several technologies to enable and strengthen their Zero Trust framework. Key insights from what’s new this year in the Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019 include the following:

  • Platforms are powering the Zero Trust landscape and delivering the greatest value to organizations on their Zero Trust journey. Forrester notes that organizations are getting the greatest benefits from choosing a single vendor who can deliver integrated, real-world capabilities instead of marketing hype.
  • Ease of use and excellent usability need to be the new normal when it comes to Zero Trust Solutions. Forrester sees a widening gap between Zero Trust solutions that take administrator and end-user experience into account and deliver the critical capabilities that make ZTX frameworks successful and those that don’t. It’s common knowledge of how challenging Zero Trust solutions and platforms are to deploy. Raising the issue of improving usability will help expand the total available market for Zero Trust solutions and increase the effectiveness of every platform installed.
  • A much stronger focus on Application Programmer Interfaces (APIs) and integration. This year’s Wave places much greater emphasis on APIs and the need to integrate every application and Web Service across a Zero Trust platform. The greater the integration expertise of any Zero Trust vendor, the faster an organization adopting their systems and platforms will attain secured stability across every threat surface.
  • Forrester advises Zero Trust vendors to concentrate on four key aspects of their strategy if they’re going to deliver overwhelming value to organizations they’re selling to. These four key aspects include actively advocating for Zero Trust as evidenced by driving product strategies that prioritize needed capabilities; supporting micro-segmentation; enforcing policy everywhere by first enabling extensive, proven integrations using well-documented and tested APIs that make it possible to enable policy definition and enforcement across enterprises; and provide identity beyond identity and access management (IAM).
  • Cyxtera Technologies, MobileIron, and Proofpoint are new to the Zero Trust World, each bringing valuable contributions to enterprises on their Zero Trust journey. Of the three, MobileIron is the most noteworthy as their approach to Zero Trust begins with the device and scales across mobile infrastructures. Forrester observes that “MobileIron’s recently released authenticator, which enables passwordless authentication to cloud services, is a must for future-state Zero Trust enterprises and speaks to its innovation in this space.” MobileIron’s product suite also includes a federated policy engine that enables administrators to control and better command the myriad of devices and endpoints that enterprises rely on today. Forrester sees all three vendors as having excellent integration at the platform level, a key determinant of how effective they will be in providing support to enterprises pursuing Zero Trust Security strategies in the future.

Conclusion

The latest Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019, reflects the growing maturity of the Zero Trust eXtended (ZTX) Ecosystem. Adding in Zero Trust eXtended (ZTX) ecosystem advocacy and weighing it at 25% reflects how serious Forrester is about evaluating vendors on solid, real product features over marketing claims. The increased focus on platforms, APIs and integration also reflect the growing maturity of enterprises adopting Zero Trust frameworks today.

Nov 12

1 Comment

Financial Services Rely On BYOD – How Do They Stay Secure?

Financial Services Rely On BYOD – How Do They Stay Secure?

Bottom Line: 2020 is going to be the year companies launch more digital business initiatives that depend on BYOD than ever before, making Zero Trust Security a key contributor to their success.

Financial Services firms are at an inflection point going into 2020. Mobile-first products and services now dominate their product roadmaps for next year, with applications’ speed and security being paramount. In fintech, DevOps teams have been working with AngularJS for years now, and the scale and speed of their applications reflect their expertise. How well existing IT infrastructure flexes to support the new mobile-first product and services strategies depends on how quickly members of IT, customer service, and customer success teams can respond. BYOD is proving invaluable in achieving the speed of response these new digital business models require.

In 2020 more employees of Financial Services firms will rely on their mobile devices as their primary form of digital ID than has ever been the case before. A recent survey conducted by IDG in association with MobileIron found that 89% of security leaders believe mobile devices will be the primary digital ID employees use to gain access to resources and get work done. The CIOs I’ve spoken agree. A copy of the IDG and MobileIron study, Say Goodbye to Passwords, can be downloaded here.

Counting On BYOD To Deliver Responsiveness And Speed

CIO and IT bonuses are often indexed to the revenue contributions their new products and services deliver, making speed, scale, security, and responsiveness the most important features of all. Fintech CIOs are saying that BYOD is proving indispensable in scaling IT in support of new digital business initiatives as a result. By 2022, 75% of smartphones used in the enterprise will bring your own device (BYOD), up from 35% in 2018, forcing a migration from device-centric management to app- and data-centric management, according to Gartner’s Competitive Landscape: Managed Mobility Services.

Two factors continue to propel BYOD adoption in financial services, fueling the need for Zero Trust Security across every mobile device. The first is the need for real-time responsiveness from internal team members and the second is having every threat surface protected without degrading the time to respond to customers. Every CIO, IT and Product Management leader I’ve spoken with mention the race they are in to deliver mobile-first products and services early in 2020 that redefine their business.  With every identity being a new security perimeter, Financial Services firms are relying on Unified Endpoint Management (UEM), multi-factor authentication (MFA), and additional zero trust-enabling technologies as an integral part of their Enterprise Mobility Management (EMM) strategy. Their goal is to create a Zero Trust Security framework that protects every mobile device endpoint. Leaders in this field include MobileIron, who also provides zero sign-on (ZSO), and mobile threat defense (MTD) in addition to UEM and EMM solutions today.  The following are the key features every BYOD program needs to offer to stay secure, scale and succeed in 2020:

  •  Separation of business and personal data is a must-have in any BYOD security strategy. FinTechs who have the greatest success with BYOD as part of their digital initiatives are relying on Enterprise Mobility Management (EMM) to selectively wipe only the business data from a device in the event it is compromised.
  • An interactive, intuitive user experience that can be quickly customized at scale by role, department, and workflow requirements without impacting user productivity. Too often BYOD users have had to trade off having stronger security on their own devices versus using a company-provided smartphone to get remote work done. The best EMM and UEM solutions in the market today enable Zero Trust by treating every identity as a new security perimeter.
  • Define the success of a BYOD security strategy by how well it immediately shuts down access to confidential data and systems first. Being able to immediately block access to confidential systems and data is the most important aspect of securing any BYOD across a network.
  • Limit access to internal system resources based on the employee’s department, role, and function to eliminate the risk of confidential data ending up in a personal app. EMM solutions have progressed quickly, especially on the dimension of providing Zero Trust Security across BYOD networks. Look for an EMM solution that gives the administrator the flexibility of limiting mobile device access to a specific series of services and access points based on an employees’ role in a specific department and the scope of data they need access to.
  • Proven multi-operating system expertise and support for legacy internally created mobile applications and services. One of the main reasons BYOD is succeeding today as an enablement strategy is the freedom it gives users to select the device they prefer to work with. Supporting Android and IOS is a given. Look for advanced EMM and UEM solutions that also support legacy mobility applications. The best BYOD security solutions deliver device and application compatibility with no degradation in security or performance.

Conclusion – Why BYOD Strategies Need Zero Trust Now

Trust-but-verify isn’t working today. Attackers are capitalizing on it by stealing or buying privileged access credentials, accessing any system or database they choose. Financial Services firms fully expect their new products and services launching in 2020 to face an onslaught of breach and hacking attempts. Trust-but-verify approaches that are propagated across an enterprises’ BYOD base of devices using Virtual Private Networks and demilitarized zones (DMZ) impede employee’s productivity, often force login authentication. Trust-but verify doesn’t scale well into BYOD scenarios, leaving large gaps attackers can gain access to valuable internal data and systems. For BYOD users, trust-but-verify reduces productivity, delivers poor user experiences, and for new business models, slower customer response times.

By going to a Zero Trust Framework, Financial Services firms will be able to treat every identity and the mobile device they are using as their new security perimeter. Basing a BYOD strategy on a Zero Trust Framework enables any organization to find the correlation between the user, device, applications, and networks in milliseconds, thwarting potential threats before granting secure access to the device. Leaders delivering Zero Trust for BYOD include MobileIron, who provides endpoint management (UEM) capabilities with enabling technologies of zero sign-on (ZSO) user and device authentication, multi-factor authentication (MFA), and mobile threat detection (MTD).

Sep 24

Three Reasons Why Killing Passwords Improves Your Cloud Security

Jack Dorsey’s Twitter account getting hacked by having his telephone number transferred to another account without his knowledge is a wake-up call to everyone of how vulnerable mobile devices are. The hackers relied on SIM swapping and convincing Dorsey’s telecom provider to bypass requiring a passcode to modify his account. With the telephone number transferred, the hackers accessed the Twitter founder’s account. If the telecom provider had adopted zero trust at the customer’s mobile device level, the hack would have never happened.

Cloud Security’s Weakest Link Is Mobile Device Passwords

The Twitter CEO’s account getting hacked is the latest in a series of incidents that reflect how easy it is for hackers to gain access to cloud-based enterprise networks using mobile devices. Verizon’s Mobile Security Index 2019 revealed that the majority of enterprises, 67%, are the least confident in the security of their mobile assets than any other device. Mobile devices are one of the most porous threat surfaces a business has. They’re also the fastest-growing threat surface, as every employee now relies on their smartphones as their ID. IDG’s recent survey completed in collaboration with MobileIron, titled Say Goodbye to Passwords found that 89% of security leaders believe that mobile devices will soon serve as your digital ID to access enterprise services and data.

Because they’re porous, proliferating and turning into primary forms of digital IDs, mobile devices and their passwords are a favorite onramp for hackers wanting access to companies’ systems and data in the cloud. It’s time to kill passwords and shut down the many breach attempts aimed at cloud platforms and the valuable data they contain.

Three Reasons Why Killing Passwords Improves Your Cloud Security

Killing passwords improve cloud security by:

  1. Eliminating privileged access credential abuse. Privileged access credentials are best sellers on the Dark Web, where hackers bid for credentials to the world’s leading banking, credit card, and financial management systems. Forrester estimates that 80% of data breaches involve compromised privileged credentials, and a recent survey by Centrify found that 74% of all breaches involved privileged access abuse. Killing passwords shuts down the most common technique hackers use to access cloud systems.
  2. Eliminating the threat of unauthorized mobile devices accessing business cloud services and exfiltrating data. Acquiring privileged access credentials and launching breach attempts from mobile devices is the most common hacker strategy today. By killing passwords and replacing them with a zero-trust framework, breach attempts launched from any mobile device using pirated privileged access credentials can be thwarted. Leaders in the area of mobile-centric zero trust security include MobileIron, whose innovative approach to zero sign-on solves the problems of passwords at scale. When every mobile device is secured through a zero-trust platform built on a foundation of unified endpoint management (UEM) capabilities, zero sign-on from managed and unmanaged services become achievable for the first time.
  3. Giving organizations the freedom to take a least-privilege approach to grant access to their most valuable cloud applications and platforms. Identities are the new security perimeter, and mobile devices are their fastest-growing threat surface. Long-standing traditional approaches to network security, including “trust but verify” have proven ineffective in stopping breaches. They’ve also shown a lack of scale when it comes to protecting a perimeter-less enterprise. What’s needed is a zero-trust network that validates each mobile device, establishes user context, checks app authorization, verifies the network, and detects and remediates threats before granting secure access to any device or user. If Jack Dorsey’s telecom provider had this in place, his and thousands of other people’s telephone numbers would be safe today.

Conclusion

The sooner organizations move away from being so dependent on passwords, the better. The three reasons why killing passwords improve cloud security are just the beginning. Imagine how much more effective distributed DevOps teams will be when security isn’t a headache for them anymore, and they can get to the cloud-based resources they need to get apps built. And with more organizations adopting a mobile-first development strategy, it makes sense to have a mobile-centric zero-trust network engrained in key steps of the DevOps process. That’s the future of cloud security, starting with the DevOps teams creating the next generation of apps today.

Sep 1

Mobile Identity Is The New Security Perimeter

  • 86% of enterprise executives say that mobile threats are growing faster than any other according to Verizon’s Mobile Security Index 2019 and 67% of enterprise execs are less confident about the security of their mobile devices compared to other IT assets.
  • Mobile devices are hackers’ favorite platform to target, with over 905,000 malware packages installed in Q1 of this year alone and over 5.3 million in 2018, according to Statistica.
  • 38% of mobile devices introduce unnecessary risk into the organization based on an analysis of privacy and security settings according to MobileIron’s Global Threat Report.

Mobile devices reflect you and your customers’ identity in the many apps, data, and ongoing activities you and they choose to engage in. Every enterprise looking to reinvent itself by scaling digital business strategies is putting mobile devices at the center of growth plans because they are everyone’s identity.

89% of security leaders believe that mobile devices will serve as your digital ID to access enterprise services and data in the near future according to a recent survey by IDG completed in conjunction with MobileIron, titled Say Goodbye to Passwords. You can download a copy of the study here. Mobile devices are increasingly becoming the IDs enterprises rely on to create and scale a mobile-centric zero trust security network throughout their organizations.

Enterprises are relying on mobile devices more than ever before, personalizing them for each associate or employee to launch and scale new business initiatives. These factors combined are leading to a rapid expansion of, and reliance on mobile devices as the single digital ID enterprises rely on to enable perimeter-less borders. The following IDG survey results reflect enterprise security leaders’ prediction of when mobile devices will authenticate Identity Access Management (IAM):

Passwords Aren’t Strong Enough For A Zero Trust World   

The bottom line is that passwords are the weakest defense in a zero-trust world. Ineffective in stopping privileged credential-based breaches, with the most privileged system access credentials shared and at times resold by insiders, passwords give hackers a key to the front door of enterprises’ systems. They no longer have to hack their way in; stolen or purchased passwords and privileged access credentials available on the Dark Web-enable hackers to use the front door of enterprise IT.

Both the IDG study published in conjunction with MobileIronSay Goodbye to Passwords and Passwordless Authentication: Bridging the Gap Between High-Security and Low-Friction Identity Management by Enterprise Management Associates (EMA) validate how weak passwords are in a zero-trust world and the many reasons they need to go.  Here are a few of the many factors that favor move beyond passwords to mobile-centric zero-trust security framework:

  • While 95% of enterprise executives say they have multi-factor authentication (MFA) implemented, a little more than half of their users are using it. Senior security executives say they doubt the security benefits (36%), expense (33%), and the decision that users don’t access sensitive information (45%), making MFA pointless.
  • 86% of senior security executives would dump password use as an authentication method if they could. In fact, nearly half of those surveyed cited eliminating passwords as a way to cut almost half of all breach attempts. Perceived security shortcomings are a key reason why almost three-quarters of these security leaders say they’re actively looking for replacements for passwords for authentication.
  • 62% of the senior security execs reported extreme user irritation with password lockouts. The percentage of respondents who reported extreme user frustration at password lockouts rose to 67% at companies with more than 5,000 employees. Users having to call in and change their password with IT’s help is a major drain on productivity and worker’s time. Senior security executives want to abandon passwords given how high maintenance they are to support and how they drain time and productivity from any organization.   

Creating A Mobile Zero Trust Network

The new reality for any enterprise is that mobile device identities are the new security perimeter. Mobility devices ranging from smartphones to tablets are exponentially expanding the threat surfaces that enterprises need to secure and passwords aren’t scaling to do the job. Instead of just relying on a password, secure access needs to be determined by a “never trust, always verify” approach that requires verification of the device, user, apps, networks, and evaluation of the presence of threats before granting access.
The formidable challenges of securing a perimeter-less enterprise where the mobile device identities are the new security perimeter need a mobile-centric zero-trust network to succeed. Zero trust validates the device, establishes user context, checks app authorization, verifies the network, and detects and remediates threats—all before granting secure access to any device or user.  Zero trust platforms are built on unified endpoint management (UEM) systems and their enabling technologies including zero sign-on (ZSO) user and device authentication, multi-factor authentication (MFA), and mobile threat detection (MTD). The following illustration reflects best practices in provisioning, granting access, protecting, enforcing, and provisioning access privileges for a mobile Zero Trust network.

Conclusion

Your smartphone or mobile device of choice is increasingly going to become your ID and secure access to resources across the enterprises you work for. Passwords have proven to be ineffective in thwarting the most common source of breaches, which is privileged credential abuse.  Enterprise executives interviewed for two completely different studies reached the same conclusion: IT infrastructure will be much safer once passwords are gone.

May 13

How To Secure Mobile Devices In A Zero Trust World

  • 86% of enterprises are seeing mobile threats growing the fastest this year, outpacing other threat types.
  • 48% say they’ve sacrificed security to “get the job done” up from 32% last year.
  • 41% of those affected say the compromise is having major with lasting repercussions and 43% said that their efforts to remediate the attacks were “difficult and expensive.”

Bottom Line: The majority of enterprises, 67%, are the least confident in the security of their mobile assets than any other device or platform today according to Verizon’s Mobile Security Index 2019.

Why Mobile Devices Are the Fastest Growing Threat Surface Today     

Verizon found that 86% of enterprises see an upswing in the number, scale, and scope of mobile breach attempts in 2019. When broken out by industry, Financial Services, Professional Services, and Education are the most commonly targeted industries as the graphic below shows:

The threat surfaces every organization needs to protect is exponentially increasing today based on the combination of employee- and company-owned mobile devices. 41% of enterprises rate mobile devices as their most vulnerable threat surface this year:

Passwords and Mobile Devices Have Become A Hacker’s Paradise

“The only people who love usernames and passwords are hackers,” said Alex Simons, corporate vice president at Microsoft’s identity division in a recent Wall Street Journal article, Username and Password Hell: Why the Internet Can’t Keep You Logged In. Verizon found that mobile devices are the most vulnerable, fastest-growing threat surface there is, making it a favorite with state-sponsored and organized crime syndicates. How rapidly mobile devices are proliferating in enterprises today frequently outpace their ability to secure them, falling back on legacy Privileged Access Management (PAM) approaches that hacking syndicates know how to get around easily using compromised passwords and privileged access credentials. Here’s proof of how much of a lucrative paradise it is for hackers to target passwords and mobile devices first:

  • Hacker’s favorite way to gain access to any business is by using privileged access credentials, which are increasingly being harvested from cellphones using malware. Hacking organizations would rather walk in the front door of any organizations’ systems rather than expend the time and effort to hack in. It’s by far the most popular approach with hackers, with 74% of IT decision makers whose organizations have been breached in the past say it involved privileged access credential abuse according to a recent Centrify survey, Privileged Access Management in the Modern Threatscape. Only 48% of the organizations have a password vault, and just 21% have multi-factor authentication (MFA) implemented for privileged administrative access. The Verizon study found that malware is the most common strategy hackers use to gain access to corporate networks. MobileIron’s Global Threat Report, mid-year 2018 found that 3.5% of Android devices are harboring known malware. Of these malicious apps, over 80% had access to internal networks and were scanning nearby ports. This suggests that the malware was part of a larger attack.

Securing Mobile Devices In A Zero Trust World Needs To Happen Now

Mobile devices are an integral part of everyone’s identity today. They are also the fastest growing threat surface for every business – making identities the new security perimeter. Passwords are proving to be problematic in scaling fast enough to protect these threat surfaces, as credential abuse is skyrocketing today. They’re perennial best-sellers on the Dark Web, where buyers and sellers negotiate in bitcoin for companies’ logins and passwords – often with specific financial firms, called out by name in “credentials wanted” ads. Organizations are waking up to the value of taking a Zero Trust approach to securing their businesses, which is a great start. Passwords are still the most widely relied-on security mechanism – and continue to be the weakest link in today’s enterprise security.  That needs to change. According to the Wall Street Journal, the World Wide Web Consortium has recently ratified a standard called WebAuthN, which allows websites to authenticate users with biometric information, or physical objects like security keys, and skip passwords altogether.

MobileIron is also taking a unique approach to this challenge by introducing zero sign-on (ZSO), built on the company’s unified endpoint management (UEM) platform and powered by the MobileIron Access solution. “By making mobile devices your identity, we create a world free from the constant pains of password recovery and the threat of data breaches due to easily compromised credentials,” wrote Simon Biddiscombe, MobileIron’s President and Chief Executive Officer in his recent blog post, Single sign-on is still one sign-on too many. Simon’s latest post MobileIron: We’re making history by making passwords history, provides the company’s vision going forward with ZSO. Zero sign-on eliminates passwords as the primary method for user authentication, unlike single sign-on, which still requires at least one username and password. MobileIron paved the way for a zero sign-on enterprise with its Access product in 2017, which enabled zero sign-on to cloud services on managed devices.

Conclusion

Mobile devices are the most quickly proliferating threat surface there are today and an integral part of everyone’s identities as well. Thwarting the many breach attempts attempted daily over mobile devices and across all threat surfaces needs to start with a solid Zero Trust framework. MobileIron’s introduction of zero sign-on (ZSO) eliminates passwords as the method for user authentication, replacing single sign-on, which still requires at least one username and password. ZSO is exactly what enterprises need to secure the proliferating number of mobile devices they rely on to operate and grow in a Zero Trust world.