Have you ever gotten an email from someone that requested you call them immediately only to find out that they haven’t included their phone number? It’s frustrating, right? Things like this happen all the time: you’re alerted to something important, but ultimately you’re left without the tools you need to take the appropriate action.
For IT departments across the globe, analogous scenarios can become a pretty massive headache with respect to mobile threat defense. All of the end users they support have mobile devices, and even if IT has purchased some kind of mobile security solution, they’re frequently limited to just sending alerts and hoping users take appropriate actions or are at the mercy of other enterprise systems.
In a mobile world where zero-day threats and data breaches are a huge real-time threat, the key to mobile threat defense lies in finding a solution that seamlessly ties together mobile threat prediction, mobile threat detection and mobile threat prevention. For that reason, when Skycure detects a mobile threat, it alerts the user and IT, but it also takes automated remediation measures. Here is one of many examples that you won’t find in other enterprise mobile security or mobile threat protection solutions, that responds to a suspicious network connection:
- First, Selective Resource Protection (SRP) activates in real-time to protect sensitive corporate resources. Communication between the device and sensitive resources are immediately blocked. Skycure admins can pre-define resources which are considered sensitive, such as email servers, file servers, Salesforce.com, etc. This manifest of sensitive resources is stored locally on each user’s device (via the Skycure app) so that when a threat is detected, Skycure automatically protects sensitive data, so the hacker has no opportunity to see or steal this important data. The rest of the Internet and all non-sensitive resources continue to function normally, which prevents the user’s mobile device from being completely inoperable, ensuring security without hampering productivity.
- Second, Secured Connection Protection (SCP) will attempt to activate a VPN. The feature switches on and attempts to connect to either Skycure’s native VPN or a 3rd party VPN that IT has preconfigured. Once connected to the VPN, end users will be able to resume normal usage of their device, including access to sensitive resources, since communication is now trusted and secure. This adds an additional layer of encryption on top without decrypting and re-establishing a secure tunnel, making sure Skycure does not view or store any sensitive corporate data. If a connection to the VPN cannot be established, SRP (as described above) will remain activated until the detected threat is removed (for example, when the user disconnects from a malicious network).
The combination of SRP and SCP results in an end user’s mobile device protecting itself (and corporate data) immediately when a threat is detected, but without rendering the entire mobile device useless. This provides IT with a solution that is surgical and effective, but not a complete hindrance to the end user’s productivity. And, most importantly, since SRP and SCP are both activated automatically, it means that the threat (or the attacker) never has the foothold it needs to actually exploit that device.
Compare that to a solution that merely sends the end user an email that says they have logged on to a potentially malicious network. The end user has to see that notification, read it, take it seriously, and then act on it. If the end user decides to take action (and that is a big if), the few minutes (or hours…) prior could mean the threat has already stolen plenty of sensitive data. It only takes a moment to expose enterprise credentials.
Another scenario is when the hacker attacks the MTD solution itself to cut it off from the network or manipulates the messages so the user thinks there is no problem, but the hacker is spying on all communications. Other solutions are not able to protect from these threats by themselves, and an EMM remediation may be to completely cut off the device from the network. Skycure’s on-device protection is smarter and proactively protects critical resources while allowing the user to continue being productive.
Considering that 40% of mobile devices are exposed to a network attack within the first three months of security monitoring, it’s not a question of ‘if’ an end user will be affected, but ‘when’. Given that kind of likelihood, and the damage that breaches can cause, it’s crucial that IT organizations select a solution that can truly mitigate these risks. Every second counts when an end user’s device has been compromised, which is why Skycure’s automated protection is the key to keeping your end users and data safe and secure.
Watch this quick video to see exactly how Skycure handles an end user connecting to a malicious network or read more about how New York Life used Skycure to deliver mobile threat defense to their end users.