BYOD is not new but what has yet to be addressed properly by many organizations is security relating to this plethora of unknown devices. Quite frankly there are many holes in any corporate network where mobile devices are being used. MDM solves some of these challenges but it wasn’t originally designed to keep malicious apps and actors off your network. The Target data breach caused many millions of dollars of reputational damage and potentially long-term marketshare loss for the retailer. This is but one example of a worst-case security hole scenario. In other instances, companies run afoul of compliance requirements because they don’t adequately have a handle on their mobile devices.
Enter Mojave Networks (covered a few months back by colleague Peter Bernstein), the company’s co-founder and CEO, Garret Larsson (pictured) explained his organization fills this security hole by giving away MDM but charging $4/device/month for security which includes network security, data loss prevention and app security. Companies can utilize their existing MDM solution if they desire, instead.
Larsson said to me, “How do you secure devices, especially when you don’t own the networks?” He continued, “For every piece of Android malware we detect, there are 4k malicious attempts our company blocks each month such as phishing, malvertising, web malware, suspicious URLS and more..” His point is there is certainly lots of Android malware out there that get the lionshare of media attention but network security threats are an order of magnitude worse.
One customer of theirs was getting attacked by the Syrian Electronic Army who was sending OWA links to the company’s employees – this sort of threat he said had to be caught at the network level.
Mojave proxies some or all of traffic from mobile devices through their globally distributed data centers where they handle malware blocking, data loss prevention and more. As an added advantage, the company can monitor SSL traffic and read proprietary cloud protocols from major services such as Dropbox to ensure social security numbers and other sensitive corporate information is not being improperly shared.
If your company wants to allow Dropbox to be used, Mojave can wrap it and ensure all its traffic goes through its network. The administrator can then see analytics on the traffic being transmitted by the app. The solution can also monitor data which is being transmitted over the web.
One challenge with this solution is a user can bypass it by bringing in a device which IT doesn’t know about. The way to solve this problem is to ensure corporate email can only be accessed through their network. At this point – when a user comes in for help, IT puts an agent on the device. In an effort to be transparent as possible, the agent tells the user what the administrator can and can’t do – which apps are monitored, if the device can be tracked, wiped, etc.
Corporations can choose which apps to monitor to ensure they know what is happening. IT admins can get alerts if social security numbers are being sent through Dropbox, etc. A customer can also use the log files for forensics at a later time or date.
BYOD and network security as a whole is a huge issue for companies – one I believe which IT has yet to address head-on. Mojave Networks and similar solutions should certainly be investigated by any organization which wants to minimize electronic threats to their network, users and customer data.
See screen shots of Mojave Networks solution in action