McAfee Mobile Strategy Protects Devices, Data, Apps

McAfee unveiled several new products as part of its integrated approach to securing data on mobile devices. The mobile security products will focus on protecting devices, data and applications, McAfee said.

The centrepiece of the three-pronged strategy is the McAfee Enterprise Mobility Management software, working along with its ePolicy Orchestrator and Global Threat Intelligence network that have both been extended to support mobile devices.

Tackling IT Consumerisation

With increasing consumerisation of IT, enterprises are being asked to support devices running operating systems other than the corporate standard, including Android and iOS. A recent study from Dell-KACE found that organisations are being forced to support a more complex environment to ensure that sensitive data and applications remain protected regardless of how employees are connecting to the network.

“Mobile device adoption is exploding, and unfortunately, so are the threats targeting mobile platforms,” said Josh Dasher, senior director for mobile security at McAfee.

McAfee also announced Enterprise Mobility Management (EMM) software to allow administrators to apply the same security controls to mobile devices that are used on laptops and PCs. McAfee EMM can also apply policies on both corporate-issued and personal mobile smartphones and tablets.

IT staff can also implement anti-theft and snti-loss features such as remote backup or lock and wipe to prevent sensitive data from falling “into the wrong hands” in case of theft or loss, McAfee said. To prevent data leakage, McAfee EMM can be used to ensure that devices without proper encryption in place and jailbroken or otherwise rooted devices cannot connect to the corporate network.

“Additional data protection technologies are under development including the separation of business and personal data,” McAfee said.

McAfee VirusScan Mobile software will provide anti-malware protection, and McAfee SiteAdvisor will protect users from landing on malicious Websites. With SiteAdvisor, users will be alerted immediately if the site they are navigating to is potentially dangerous, such as a phishing page or one that is booby-trapped for drive-by downloads.

Just securing the device and making it hard for non-authorised users to read the data is not enough, especially in light of the number of malicious applications that are out to intercept sensitive details, harvest personal data and transmit information to third-party individuals.

“The emerging mobile malware we are seeing today is just the beginning,” Dasher said.

Personal App-Scanner

The McAfee App Alert, currently in beta, informs users how installed apps are accessing the user data. Many of the apps often require more permissions than necessary, and users are not always clear what information is visible to other apps. App-scanning technologies also exist in app stores, so that the storefront can verify the apps are clean and safe for customers to download and use.

In addition, the company is expanding the scope of its Global Threat Intelligence network to include reputation information for mobile apps. With this addition, it will be possible to identify apps with a bad “reputation” as malicious. Bad reputation will include apps that put privacy at risk by exposing sensitive information that could potentially be exploited by other apps.

Considering that the volume of malware targeting Android devices jumped 76 percent last quarter, securing mobile devices, applications and the data stored on them has become a priority, McAfee said.

“It’s a whole new world and a challenge for IT to craft security policies that make sense while updating their infrastructure,” Dasher said.