Published: June 2019
Mobile devices remain one of the fastest-evolving technologies within an enterprise’s IT security architecture. Enterprise IT security teams managing mobile device risk must make significant decisions early in the process of selecting mobile security products. Should mobile security policies target device control, application control, data security, or should they take a multi-faceted approach? Should access to corporate data be restricted by mobile operating system? What are the minimum needs for multi-factor authentication (MFA), and how can mobile device technology enable broader requirements? Will threats found on mobile devices be prioritized, and how will alerts be communicated? Which teams will manage IoT and cross-platform operating systems? Should existing network security products (e.g., next generation firewall, intrusion detection system, traffic analysis) be leveraged, and if so, how?
NSS Labs recently completed the 2019 NSS Labs Mobile Security Study in an effort to understand mobile security in modern enterprises. Data was obtained using a two-armed qualitative and quantitative study, with reach into both United States and European organizations. Data from this study will be used to inform our enterprise client inquiry, to develop test methodologies, and to improve our overall understanding of IT security architecture risk.
The 2019 Mobile Security Intelligence Brief reviews multiple facets of mobile security in the enterprise including mobile device definition, features in use, challenges with building a mobile security strategy, visibility into threats, perceptions of risk and protection, and integration of mobile security with IT security architectures. It also provides guidance for enterprises exploring mobile device security products during proof of concept.
What’s in this paper?
- Product definition
- Challenges of building a mobile security strategy
- Perceptions of risk, privacy, protection, and maturity
- Impact on user experience
- Integration of mobile security with IT security architectures
- Choosing a mobile strategy
- Proof of concept considerations