2018 Gartner Market Guide for Mobile Threat Defense
Gartner has released its Market Guide for Mobile Threat Defense, with a central message:
"Mobile threat defense (MTD) solutions have matured and can provide value to organizations looking to strengthen their mobile security. Security and risk management leaders should leverage MTD to address evolving mobile security needs."
Gartner, Inc. “Market Guide for Mobile Threat Defense” by Dionisio Zumerle, John Girard, October 30, 2018
Mobile Threat Defense solutions have graduated to become an important part of enterprise security architectures. Enterprise organizations are embracing cloud solutions to perform central work tasks. These solutions house sensitive corporate data, which employees can access from any endpoint, including mobile devices, from any network. A corporation’s traditional perimeter security, in this new world of work, no longer applies. Enterprises have a new mandate to protect data from threats and risks that are unique to this work-from-anywhere environment.
Gartner states in its “Recommendations” section:
“To address mobile risks, security and risk management leaders should:
- Introduce MTD solutions gradually. Adopt MTD solutions sooner in high-security verticals, with large Android device fleets, or in regulated verticals, such as finance and healthcare.
- Leverage app vetting and device vulnerability management MTD functionality first to demonstrate immediate value to the organization.
- Integrate the MTD solution with the UEM tool. Prefer app-based deployment, leaving proxy-based deployment options for corporate-owned business-only (COBO) scenarios.”
Securing a “post-perimeter” world
If legacy security technologies no longer apply, then a few key things become true: devices cannot be trusted and security must move to the endpoint.
Lookout calls this combination of on-device monitoring and zero trust, “post-perimeter security.” Post-perimeter security requires continuous conditional access to constantly monitor for risks on the device and stop an employee from accessing and authenticating to an enterprise’s cloud services when risks are present.
Though they might not always be communicated, the risks are real. Attackers are taking advantage of the fact that legacy security technologies cannot properly address this new post-perimeter world.
Mobile phishing is an active concern for enterprises
Specifically, mobile phishing continues to be a main concern for enterprises and remains a largely unsolved problem due to mobility. Year-to-date in 2018, 50.8% of Lookout users with Safe Browsing turned on encountered a phishing link. That could be half of an enterprise’s employee-base.
“One of the most discussed use cases in the past year has been mobile phishing,” Gartner states, “The screens of mobile devices are small, and the presentation of information tends to leave out details to enhance user experience. There are also numerous channels to reach a mobile device that, unlike email, are not under phishing protection. It is, therefore, easy for users to fall victim to phishing on mobile devices. MTD solutions can protect from malicious URLs sent via email, text, social or instant messaging and other apps. Depending on the solution and type of deployment, MTD solutions can remediate, for example, by blocking the URL or by alerting the user about the threat.”
Get deeper insights into the state of mobile phishing in our report, “Mobile Phishing 2018: Myths and facts facing every modern enterprise today.”
Regulation plays a large role in the adoption of MTD solutions
Regulated industries have an added layer of pressure to adopt MTD solutions in order to ensure that all endpoints are compliant with varying legislation. These industries include finance, healthcare, manufacturing, and others.
“Compliance is another frequent use case. Gartner clients sometimes suggest the reason they are looking for an MTD solution is regulation-related or related to the recommendations of an audit,” Gartner states.
Businesses, regulated or not, who are interested in learning more about potential compliance risk (especially in light of new regulation such as GDPR) should take this Mobile Risk Assessment.
If you want to learn more about how Lookout specifically addresses compliance with regards to finance and healthcare industries, check out these Coalfire reports:
- Coalfire Systems report: How Lookout Mobile Endpoint Security helps organizations with GLBA compliance
- Coalfire Systems report: How Lookout Mobile Endpoint Security helps organizations with HIPAA compliance
Matured MTD means enterprises are more secure
As MTD solutions gain more maturity in product offering, enterprises ultimately win. The risk landscape is real and requires action from security leaders. Though mobile attacks may not be making headlines every week, threats are often underreported. The new post-perimeter age of work demands a new kind of security. Lookout Mobile Enterprise Security addresses all of these challenges, securing corporate data and handling risk.
Want to learn more about how Lookout can security your data in a post-perimeter world? Contact us today.
(1) Gartner, Inc. “Market Guide for Mobile Threat Defense” by Dionisio Zumerle, John Girard, October 30, 2018.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.