Adaptive Protection Provides Mobile Security Similar to Headquarters
Some MDM tools, for example, may not monitor the incredibly common act of downloading a new app from your smartphone’s online store. Maybe your new game has a backdoor that allows a malicious actor into the network, and neither you nor your device has any idea.
If you’re using your personal smartphone for work, that lack of awareness is problematic. Even with two-factor authentication in place for certain locations, such as your bank’s website, the MDM needs to watch more intently in the government environment.
What protective mechanisms do Defense Department employees have, or FEMA employees who must travel to disaster sites away from their home offices?
Adaptive protection and device control ensure that devices, especially of the BYO variety, have the same level of cybersecurity protection whether they’re sitting in a U.S. airport, an overseas hotel or the agency’s own headquarters.
These tools move away from static, policy-based endpoint security to something more behavior- and context-oriented. Let’s say that historically, you turn your phone off at night and don’t use it until morning. Yet, after downloading a new app, your phone is downloading or sending several gigabytes of data when it’s usually inactive. Adaptive protection enables the device’s security to notice that something is wrong, and to do something about it.
Link Existing Tools for More Secure Protection
For example, let’s say a federal employee is on travel to Texas, but he’s normally based in Washington, D.C. He leaves his phone on the plane, which is now en route to St. Louis while transmitting data that it shouldn’t be. The adaptive protective mechanism will recognize the problem, and should be able to lock the phone and cut off the improper upload.
An MDM tool could work with a cloud access security broker with a secure web access gateway and some endpoint protection, with the tools linked properly to ensure security policies are acted on when the device is acting abnormally.
Since this is the employee’s own phone, the mechanism will still allow the owner to make personal calls or dial 911; it just cuts off the professional network.
MDM tools must adapt to circumstances. FEMA workers sent to Puerto Rico and Florida for hurricane response need their devices to recognize that they’re still the user, even if their locations don’t match their usual movements. The more the government moves into a zero-trust space, the more the technology will have to adapt to that use case as well.
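The behavior- and context-based decision described above, sketched as an added example (not code from the article or from any MDM product). The field names, thresholds and the rule that a lock is requested only when abnormal traffic coincides with an unusual location are assumptions, and the telemetry is constructed.

```python
from statistics import median

GIB = 1024 ** 3
MIB = 1024 ** 2

def hourly_baseline(history):
    """Median bytes moved per hour of day, from (hour, bytes) samples."""
    by_hour = {}
    for hour, nbytes in history:
        by_hour.setdefault(hour, []).append(nbytes)
    return {h: median(v) for h, v in by_hour.items()}

def evaluate(baseline, event, factor=20, floor=GIB // 2):
    """Policy decision for one hour of device telemetry.

    Traffic is anomalous when it exceeds both `factor` times the usual
    volume for that hour and an absolute floor (assumed thresholds).
    An unusual location never triggers a response by itself, so a
    traveling user with normal behavior keeps access.
    """
    usual = baseline.get(event["hour"], 0)
    traffic_anomaly = event["bytes"] > max(usual * factor, floor)
    away = event["location"] not in event["usual_locations"]
    reasons = []
    if traffic_anomaly:
        reasons.append("traffic far above baseline for this hour")
        if away:
            reasons.append("device outside usual locations")
    return {
        "work_network": "blocked" if traffic_anomaly else "allowed",
        "request_lock": traffic_anomaly and away,  # assumed escalation rule
        "personal_calls": "allowed",    # BYO device: owner keeps the phone
        "emergency_calls": "allowed",
        "reasons": reasons,
    }

# Constructed history: 14 nights with the phone off at 02:00, normal use at 14:00.
HISTORY = [(2, 0)] * 14 + [(14, 150 * MIB)] * 14
BASELINE = hourly_baseline(HISTORY)
USUAL = {"Washington, D.C."}

if __name__ == "__main__":
    for ev in [
        {"hour": 14, "bytes": 200 * MIB, "location": "Texas", "usual_locations": USUAL},
        {"hour": 2, "bytes": 3 * GIB, "location": "St. Louis", "usual_locations": USUAL},
    ]:
        print(ev["location"], evaluate(BASELINE, ev))
```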
This article is part of FedTech’s CapITal blog series.