{"id":4307,"date":"2022-01-17T16:03:03","date_gmt":"2022-01-17T15:03:03","guid":{"rendered":"https:\/\/partnernews.sophos.com\/en-us\/?p=4307"},"modified":"2022-01-17T16:03:03","modified_gmt":"2022-01-17T15:03:03","slug":"why-mobile-xdr-is-a-critical-piece-of-your-customers-security-puzzle","status":"publish","type":"post","link":"https:\/\/partnernews.sophos.com\/en-us\/2022\/01\/products\/why-mobile-xdr-is-a-critical-piece-of-your-customers-security-puzzle\/","title":{"rendered":"Why Mobile XDR is a Critical Piece of Your Customers’ Security Puzzle"},"content":{"rendered":"

Last month we wrote about how XDR can\u00a0minimize the time to detect and respond<\/a>\u00a0to threats,\u00a0and now we want to dive a little deeper into\u00a0the XDR pool to show you\u00a0how\u00a0to better protect your\u00a0organization\u2019s\u00a0mobile devices.\u00a0Mobile devices pose a growing threat to most organizations, and need no less protection than any other endpoint. And XDR is an excellent fit for the kinds of attacks mobile devices increasingly face.<\/p>\n

Once, mobile devices were under-emphasized in a lot of security ecosystems. You might deploy email settings, set passcodes, and manage WiFi configuration to prevent man-in-the-middle attacks. Those all remain valid elements of mobile security.<\/p>\n

Now, though, there\u2019s so much more to consider.<\/p>\n

Mobile device usage is changing\u2014so security needs to follow suit<\/h2>\n

Most notably, both the nature and amount of mobile use have broadened dramatically. Mobile devices now account for\u00a0almost 55%<\/a>\u00a0of global website traffic, making secure browsing a priority. Phones are mini-computers and users want to be able to use them for work as a matter of course. With more people working remotely, this trend is accelerating.<\/p>\n

(When we say \u201cmobile devices\u201d, we tend to mean phones. But we\u2019re also referring to any other device that runs Android or iOS; Tablets, for example. And while Chromebooks are generally quite well locked down, they do need protection from phishing and web-based threats, as well as installing unwanted extensions which might be insecure.)<\/p>\n

But while the mobile device is starting to supplant, or at least supplement, the desktop for work and web browsing, users are still likely to treat it as a personal belonging. Whether or not you operate a \u201cbring your own device\u201d (BYOD) policy, a device feels different when you keep it in your pocket at all times.<\/p>\n

For example, a user might have a different, less-guarded frame of mind when their phone\u2019s in their hand. Their browsing behavior will likely be different, and the immediacy of messaging alerts\u2014coupled with a smaller screen size\u2014can make them more likely to fall foul of phishing.<\/p>\n

Sophisticated threats need a new, all-round approach<\/h2>\n

And here\u2019s the problem: while many cybersecurity ecosystems haven\u2019t kept up with mobile\u2019s growing role in day-to-day work, the\u00a0hackers certainly have<\/a>.<\/p>\n

Threat actors understand that mobile devices are often the weak spot in an organization\u2019s perimeter. As a result, they\u2019re using increasingly sophisticated attacks to target users via their mobile devices. This might take the form of cross-device social engineering; for example, using a text message to make a phishing email seem more legitimate on the desktop.<\/p>\n

We\u2019ve also seen attacks exploiting confusion around COVID-19 arrangements; for example, prompting users to download a bogus \u201ccontact tracing\u201d app outside of the Play Store. Once installed, the app accesses sensitive information including received messages\u2014and, in some cases, the phone\u2019s location and camera.<\/p>\n

A good\u00a0Unified Endpoint Management<\/a>\u00a0(UEM) solution can go a long way to help you keep your mobile devices updated and secure. Depending on the operating system, and whether it\u2019s a company-managed or employee-owned device, you can segregate business data, set policies, scan for malicious apps, and intercept threats.<\/p>\n

There are also things a standalone management solution can\u2019t do. It can monitor the health of a mobile device, but won\u2019t give you context for your entire organization. It can tell you what the user did next, but not if they switched to working on their desktop. And it can tell you the situation now, but not what happened two weeks ago.<\/p>\n

For that, you need to aggregate and store data from your mobile devices alongside your other cybersecurity controls. And that\u2019s exactly where XDR comes in.<\/p>\n

Enhanced visibility, context, and history<\/h2>\n

XDR gives you the complete picture. Sensors on the device send telemetry data to a secure data lake in the cloud, where it\u2019s aggregated alongside your other mobile devices, as well as any other XDR-enabled cybersecurity solutions you might have.<\/p>\n

This allows you to surface suspicious activity and investigate it across your entire estate. The data lake allows you to understand the full context as it contains the events from mobile devices, traditional endpoints, servers, firewalls, email and cloud security solutions. It provides you with the whole picture, and the ability to go back in time to see the history of the suspicious activity.<\/p>\n

These capabilities fit well with the challenges of keeping mobile devices secure:<\/p>\n