
When it comes to mobile applications, the main security controls are:
- Mobile Application Vetting (MAV) ensures that applications comply with company policies and do not contain known exploitable vulnerabilities.
- Mobile Application Management (MAM) ensures compliance in deployed applications. However, neither MAV nor MAM is generally aligned with zero trust to support continuous authentication.
- Mobile threat protection detects and mitigates threats from suspicious user behavior or network activity, as well as malicious attacks.
- Secure containers provide isolation techniques to prevent mixing of organizational and personal data.
Mobile operating systems themselves have built-in security features, including:
- Data isolation methods block unauthorized communication between devices and user data stores.
- Platform management APIs allow EMM and other security management tools to control the security and functionality of devices.
- User and device identification, which is a key enabler of zero-trust compliance, includes access using multi-factor authentication.
Three mobile security steps you should take now
The mobile security technologies described above can significantly improve trust in the mobile environment. However, to fully implement mobile zero trust, a company needs to take three additional steps.
First, mobile application development and application security testing require more scrutiny to ensure alignment with zero-trust access to enterprise resources. Applications should be carefully evaluated to ensure they support continuous authentication. Applications developed in-house should be redesigned to include continuous authentication if not currently implemented. MAV must verify that all applications, both those developed in-house and those obtained from operating system vendors’ app stores, comply with the policies.
Second, ensure mobile devices implement application and data segmentation. While mobile operating systems have built-in security controls for segmentation and can sandbox apps and data, the enterprise must scrutinize custom-built enterprise applications for segmentation at the app and data level. Implementation of continuous multi-factor authentication is also required to ensure compliance with zero-trust principles.
Third, tighten the integration between EMM and mobile threat protection to ensure timely threat mitigation. Many vendors align their systems with a zero-trust approach, including continuous authentication evaluation and device health reporting.
Improve your security with smart authentication
Some EMM systems include “intelligent” device authentication by combining biometrics with individual user behavior. Using advanced rulesets powered by artificial intelligence, these systems can enable adaptive authentication to provide precise security for every user interaction. Enterprises can also enhance integration between EMM and mobile threat protection systems and existing logging, monitoring, diagnostic and mitigation systems.
Every business is different, and there is no one-size-fits-all strategy for implementing mobile zero trust. Each organization must develop its own roadmap and timeline that aligns with its goals. Companies can develop their strategies based on an assessment of the risks they face, with a detailed policy to mitigate the risks.
Likewise, each organization must determine the accuracy of continuous authentication to balance security and usability. Related changes should be integrated into this infrastructure as needed.
Finally, as with any security approach, technology is only part of the solution. Companies need to review their mobile policies and ensure that their processes and human factors are aligned with zero trust goals.