Although it can be argued there’s still some FUD (fear, uncertainty and doubt) around the rise of mobile device malware, there is no doubt as McAfee releases its latest mobile device management and security software that several factors are responsible for the perceived risk around mobile devices:
- They have become powerful computing devices, more than the equal of desktop computers not many years ago, with plenty of processing power and gigs of data storage capacity.
- They are pervasive. Smart phone shipments have finally surpassed PCs. The gap will widen.
- They are being used as business devices. Companies are supplying smart phones and/or adopting a BYOD (bring your own device) policy or a combination of both.
- Android phones are growing rapidly in popularity. They are also the highest risk phones, as Google has failed to properly vet new apps before they are made available.
McAfee’s release of the latest version of its Enterprise Mobility Management (EMM) product reinforces the view that most major security vendors are going all in on mobile security, reflecting the both business realities and market opportunities (Symantec also announced several major mobile security enhancements today).
Mobile device management (MDM) goes hand in glove with mobile security, as enterprises come to grips with heterogeneous smart phone platform environments, particularly in the somewhat vexing BYOD (bring your own device) business world. Companies are looking for ways to manage and control corporate and personal devices, walking the fine line between business interests, security, productivity and privacy. (McAfee entered the MDM market in 2010 with the acquisition of Trust Digital.)
EMM 10.0 introduces application blacklisting for iOS and Android platforms, allowing administrators to define and block selected apps. This is particularly important for Android, whose app model allows apps to become publically available without proper vetting (Apple follows a far more rigorous control model for new apps). As a result, Android has been plagued with malicious apps. Google has taken some recent steps to address, notably the introduction of “Bouncer” to scan for malicious applications.
Corporate and personal email accounts (including contacts and calendars) can now also be segregated by policy for both iOS and Android, so that employees cannot send out sensitive corporate information contained in corporate email via their personal email .
EMM also improves administration, providing bulk provisioning for both iOS and Android devices to large groups of enterprises users. EMM also flags iOS phones as non-compliant if the user removes the configuration profile.
McAfee is also introducing a new version of McAfee VirusScan Mobile Security for Enterprise that detects malware on Android phones. The software scans for malware in files, memory cards, applications, Internet downloads and text messages. The new release also blocks untrusted SSL certificates on iOS phones.