McAfee Outlines Security Strategy to Protect Mobile Devices, Data, Apps
McAfee unveiled its latest approach to securing data on mobile devices with several new products.
These new mobile security products will focus on protecting mobile devices, data and applications, McAfee said Sept. 20. The centerpiece of the three-pronged strategy is the McAfee Enterprise Mobility Management software, along with McAfee's ePolicy Orchestrator and its Global Threat Intelligence network that have both been extended to support mobile devices.
With increasing consumerization of IT, enterprises are being asked to support devices running operating systems other than the corporate standard, including Android and iOS. A recent study from Dell-KACE found that organizations are being forced to support a more complex environment to ensure that sensitive data and applications remain protected regardless of how employees are connecting to the network.
"Mobile device adoption is exploding, and unfortunately, so are the threats targeting mobile platforms," said Josh Dasher, senior director for mobile security at McAfee.
McAfee announced the McAfee Enterprise Mobility Management software to allow administrators to apply the same security controls to mobile devices that are used on laptops and PCs. McAfee EMM can also apply policies on both corporate-issued and personal mobile smartphones and tablets.
IT staffs can also implement anti-theft and -loss features such as remote backup, lock and wipe to prevent sensitive data from falling "into the wrong hands" in case of theft or loss, McAfee said. To prevent data leakage, McAfee EMM can be used to ensure that devices without proper encryption in place and jailbroken or otherwise rooted devices cannot connect to the corporate network.
"Additional data protection technologies are under development including the separation of business and personal data," McAfee said.
McAfee VirusScan Mobile software will provide anti-malware protection, and McAfee SiteAdvisor will protect users from landing on malicious Websites. With SiteAdvisor, users will be alerted immediately if the site they are navigating to is potentially dangerous, such as a phishing page or one that is booby-trapped for drive-by downloads.
Just securing the device and making it hard for nonauthorized users to read the data is not enough, especially in light of the number of malicious applications that are out to intercept sensitive details, harvest personal data and transmit information to third-party individuals.
"The emerging mobile malware we are seeing today is just the beginning," Dasher said.
The McAfee App Alert, currently in beta, informs users how installed apps are accessing the user data. Many of the apps often require more permissions than necessary, and users are not always clear what information is visible to other apps. App-scanning technologies also exist in app stores, so that the storefront can verify the apps are clean and safe for customers to download and use.
In addition, the company is expanding the scope of its Global Threat Intelligence network to include reputation information for mobile apps. With this addition, it will be possible to identify apps with a bad "reputation" as malicious. Bad reputation will include apps that put privacy at risk by exposing sensitive information that could potentially be exploited by other apps.
Considering that the volume of malware targeting Android devices jumped 76 percent last quarter, securing mobile devices, applications and the data stored on them has become a priority, McAfee said.
"It's a whole new world and a challenge for IT to craft security policies that make sense while updating their infrastructure," Dasher said.