By: Claus Vaupel

Smartphones: a security blind spot in your network

Mobile

We all strive for comprehensive security that protects all users and devices against modern malware and other threats. Yet, while most IT departments are well positioned to control and secure laptops, smartphones and tablets remain in many organisations’ blind spots.

As BYOD has proliferated, it’s added a layer of complexity where security is concerned. Mobile employees access data stored on the corporate network and in the cloud using a number of personal and company-owned devices — on the road, in hotels, at airports, and from home. Because such devices access the Internet directly via 3G, 4G, or LTE connections, their traffic escapes security administrators’ radars — with the presence of rogue apps, malware attacks, and more going undetected.

To close the gap, you need to integrate mobile devices into your company’s security strategy — providing comprehensive malware and data loss protection, while guaranteeing compliance with enterprise Internet usage guidelines.

Mobile device security solutions

Implementing a robust mobile device management (MDM) solution is the first step toward restricting mobile access to applications and data, and enforcing the same security and compliance guidelines across company and employee-owned devices. Using an MDM approach allows you to perform security precautions, such as backups, or reset smartphones should they become lost.

MDM platforms, however, do not yet offer any protection against cyber threats, such as phishing or spyware, nor do they protect against malicious apps. An infection on a mobile can spread once that compromised device connects to the network. You need more comprehensive mobile protection, but you must also consider issues around cost and performance:

  • Administrative costs and potential performance issues arising from continual security and signature updates on smartphones and tablets

  • User acceptance — scanning for malicious code takes place on the device level and could impact processor performance and battery usage

  • Costs associated with smartphone updates on the road using data or roaming rates

A cloud-based solution is the best approach for avoiding such problems and enabling effective — and cost-effective — security for mobile devices.

Illuminating the blind spot with cloud-delivered security

With cloud-delivered security, all traffic is inspected in real time in the cloud before it reaches mobile devices. This way, the process of scanning for harmful applications, websites, and other content does not negatively impact the battery runtime or performance of the device. And attack vectors are blocked in the cloud before reaching the device.

With cloud security, companies can enforce security policies, generate reports, and collect log data for mobile devices without added costs or increased complexity. Through a centralized console, administrators get detailed insights into user transactions, and they can view reports in near-real time on mobile devices that pose security risks.

Mobile security is an essential part of a comprehensive security platform. But how do you protect traffic and enforce policies on devices that you don’t control — and that connect directly to the Internet? Cloud-delivered security is the solution, enabling you to protect users no matter where they connect or what devices they use.

-----

Read about Z-App, the Zscaler mobile app that extends Zscaler Cloud Security to your mobile devices.

Learn more about Zscaler.