Effective immediately, MobileIron is tightly integrating mobile app risk mitigation analysis from Marble Security into its Enterprise Mobility Management (EMM) platform. Scanning technology now analyzes apps downloaded to smartphones and tablets managed within a MobileIron deployment to provide IT mangers with a continuous view of the threat level posed by every mobile device under their purview.
Risk determinations are based on data collected through the analysis of more than 1.2 million different apps. Drawing from this analysis, Marble Security Labs (Marble Security’s research division) reports that 30 percent of apps are capable of leaking users' private data and exhibit risky behavior.
For MobileIron EMM, this means Marble Security technology can apply a dynamic risk score for each app analyzed. That way, administrators can better use MobileIron App Security and Access Control to create policies that restrict network access to devices (or remove apps) that exceed acceptable risk levels.
There are a number of reasons why an organization would want to avoid letting employees install compromised apps on their smartphones. Hackers may attempt to steal login credentials to gain access to corporate resources or track the location of users, for example.
“Our customers want to provide mobile business apps that employees love, but they face the challenge of securing those apps that reside on devices alongside personal apps, especially in bring-your-own-device environments,” said MobileIron Vice President of Product Management Sean Convery in announcing the partnership with Marble Security. “Marble is a natural addition to the MobileIron ecosystem, as its solution provides visibility into the risk presented by apps installed on a managed device.”
Equal Opportunity Malfeasance
Interestingly, Marble Security app analysis reveals, among other things, that iOS and Android devices are equally vulnerable to compromised apps.
“Enterprise security managers need to know that Apple’s vaunted iOS mobile security reputation hinges on its app distribution control, not on any inherent superiority of its operating system,” said Marble Security Founder and CTO David Jevans. “We broke it down in our labs against 14 leading attack vectors for mobile devices, and aside from their app distribution control, iOS and Android are equally at risk to the mobile security threatscape facing the enterprise.”
Jevans’ takeaway for network security managers: Don’t take iOS device security on faith and allow employees with iPhones and iPads unfettered access to corporate resources.