It's not about you: Mobile security in 2016

IT’S NOT ABOUT YOUMobile security in 2016

Connect with us

Follow us on Twitter @NowSecureMobile

Subscribe to #MobSec5 our weekly mobile security news digest

http://mobsec5.nowsecure.com/

Visit our website https://www.nowsecure.com

Sam BakkenContent Marketing Manager@skbakken

● 7+ years marketing cybersecurity

solutions

● Managing Editor, 2014 & 2015 Trustwave

Global Security Report

Email: sbakken@nowsecure.com

Contents

● It ain’t about you

● Pressing issues

● Leaky / risky apps

● Mobile fragmentation

● What do you need to do?

● Questions

Typical security defenses fail in mobile settings because they protect boundaries rather than the information itself, and mobile users do not respect traditional boundaries.

Gartner: https://www.gartner.com/doc/3158326

You’ve lost control of the perimeter.

Pressing issues

● Dual-use devices (bring-your-own-device)

● Lack of administrative access and visibility

● Malware vs. legitimate leaky/risky apps

● Complex ecosystem of vendors

○ Fragmentation

○ Updates are slow, if they come at all

In mobile security

Malware

Legitimate apps that leak

sensitive data

Cybersecurity and Cyberwar: What Everyone Needs to Know

[The] market is fragmented, with multiple makers… each with a role in security but often lacking any sense of responsibility for it.

Announcements from Google last week

65 billion 600Apps downloaded from the Google Play store in

the past year

Android smartphone models launched in the

past year

The more popular an app (determined by downloads), the more likely it is to include a security flaw

1M-5MDownloads

5M-10MDownloads

100K-500KDownloads

View the full report

We kill people based on metadata.

General Michael Hayden, former director of the NSA and CIA

The value of even seemingly trivial data

PNAS Evaluating the privacy properties of telephone metadata

“We kill people based on metadata”

General Michael Hayden, former director of the NSA and CIA

Android fragmentation as of August 2015

Android Fragmentation Visualized (August 2015)

24,093DISTINCT DEVICES

Distribution of Android versions from NowSecure dataset

Android Years old Users

4.2.2 2.95 3%

4.3 2.50 6%

4.4.2 2.12 42%

4.4.4 1.59 4%

5.0 1.19 7%

5.0.1 1.14 7%

5.0.2 1.09 6%

5.1 0.87 3%

5.1.1 0.76 19%

6.0.1 0.12 3%

Prevalence of iOS versions from NowSecure Dataset

iOS Years old Percentage

7.1.2 1.56 3%

8.3 0.79 6%

8.4 0.56 4%

8.4.1 0.44 4%

9.1 0.25 6%

9.2 0.12 71%

9.2.1 0.01 6%

So what can you do about it?

Where does mobile risk originate?

A simple formula for mobile security

Vet apps to ensure they don’t exceed your risk threshold

+Make sure apps are installed on

healthy endpoints

Secure apps on healthy endpoints

Learn more about mobile endpoint security

Data you need to reduce uncertainty and increase visibilityWhat do you know, and what do you not know

What devices do employees use?

What OSs run on those devices?

What vulnerabilities exist within those OSs?

What apps do employees install on their devices?

How risky or leaky are those apps?

What destinations does your data travel to and is it encrypted?

Let’s talk

sbakken@nowsecure.com+1 312.878.1100

@skbakken

Keep tabs on the state of mobile security. Subscribe to #MobSec5 - a collection of the week’s mobile news that matters.

Subscribe to #MobSec5 now

It's not about you: Mobile security in 2016

Technology

Mobile Landscape - It's a mobile world - Miami Ad School - C1

Mobile web vs. native apps: It's not about technology, it's about psychology

Email & Mobile Theatre; It's not a phone: A future of mobile marketing

Mobile Security Apps - AV-TEST · PDF fileTesting mobile security Apps ... ESET MobileSecurity Norton Mobile Security QuickHeal Mobile Security Super Security Trend Micro Mobile Security

It's a Mobile Mobile Mobile World

Mobile Strategy Partners Mobile Security

Mobile Video Rocks! (Too bad it's going to kill the mobile network...)

RSA Infographics : It's A Mobile World

It's Time to Rethink Security Operations

TRITON Mobile Security Help - ForcepointTRITON Mobile Security Help | Mobile Security Solutions Welcome to Websense ® TRITON® Mobile Security. Mobile Se curity is a cloud-based service

It's Not About Mobile. It's About Mobility

MOBILE COMMUNICATION AND IT'S GENERATION

Mobile Payments : It's all in the pricing

It's time Mobile Security Index 2019 to tackle mobile ...€¦ · seriously. Since the publication of our Mobile Security Index 2018, we’ve seen the European Union’s General Data

Mobile security

Verified security. It's worth it

Mobile Technology - It's a mobile world - Miami Ad School - C2

Golden Gekko - It's all about mobile apps

Mobile developer: create games, it's cool and profitable

Moving Targets: Assessing the Security of Mobile Devices€¦ · Mobile Security •Mobile devices have come a long way • It's not your parents' brick phone •Mobile devices have