Cybriant provides two levels of protection for continuous mobile threat monitoring, analysis, and response.
Try a no-risk free trial today!
// SECURE YOUR FUTURE
Corporate infrastructures have been venturing into the BYOD (Bring Your Own Device) world for years often without knowing it.
Conditional restrictions are often not in place to prevent access to corporate data reposited in email, SharePoint, calendaring, corporate contacts, and other applications. And even in cases where conditional restrictions may exist, the usage of mobile threat defense software may not be present or utilized on the device.
Contrastingly, companies will often stringently secure their corporate laptops and desktops with MDR solutions, SIEM agents, and vulnerability management solutions.
The difference in approaches to BYOD devices versus corporate-managed devices is troubling because BYOD devices can often access the same confidential data but without similar safeguards. With the recent string of major vulnerabilities discovered in both the Android and Apple iOS ecosystems, it’s becoming more apparent that any device that can access corporate data is a potential avenue for attack.
We offer two different plans, the Standard and Advanced Service–which we customize to your needs.
Our Standard Mobile Threat Defense service provides a baseline of protection and assurance that your mobile devices will be secured against common threats and attack vectors.
Our Advanced Mobile Threat Defense service is specifically for high risk users whose breach would cause the organization serious harm. This service provides everything available in the standard level plus much more
Cybriant’s Standard Mobile Threat Defense (MTD) service is an affordable way to protect the majority of your workforce, contractors, and BYOD users. It provides a baseline of protection and assurance that your mobile devices will be secured against common threats and attack vectors. An exhaustive list of elements is available upon request.
Standard Level Benefits
With MTD – Standard, organizations are able to provide mobile protection for their general employee population, BYOD users, and/or any user with non-administrative access to infrastructure or computer operations for the organization.
To qualify for MTD – Standard we require that you have an MDM in place or utilize an MDM provided by Cybriant.
Standard Level Offering Includes:
Enhancements Available Include:
Cybriant’s Advanced Mobile Threat Defense service is specifically for high risk users whose breach would cause the organization serious harm. AI-based analysis is utilized to understand and profile the user’s actions, and raise alarms when the user’s devices behaves in a nonstandard manner.
Additionally, Netflow traffic as well as SSL inspection is performed for deep traffic analysis to discover data exfiltration to Command and Control infrastructures and other malicious entities.
Advanced Level Benefits
MTD-Advanced will help protect high-risk users including C-Level Executives, financial representatives who can authorize/make money transfers, any user with superuser/Administrator level credentials in corporate infrastructure, or any other high-risk employee.
To qualify for MTD – Advanced we require that you have an MDM in place or utilize an MDM provided by Cybriant plus have a defined Plan of Action in conjunction with Cybriant to secure devices.
Advanced Level Offering Includes:
* Total number of apps sandboxed per month is based on total Advanced Offering devices being managed
Enhancements Available Include:
// SECURE YOUR FUTURE
Just like your laptop/desktop computer your mobile (phone or tablet) device runs software that must be updated regularly. This includes apps running on the phone which may have vulnerabilities exploited by potential attackers or phishers to install malware or gain control of the mobile device data. This problem is compounded when apps request and are granted elevated privileges on the mobile device. For example, “This app would like to have access to your contacts” could be a target for phishers.
This follows App Vulnerabilities namely because most users do not read software EULAs or take time to comprehend the privileges requested by an app. Furthermore, most app developers will request greater privileges than necessary to ensure ease of deployment and to avoid needing to require the user to agree to privilege escalation in the future due to an app update. The elevated User Granted Privileges are a ticking timebomb for vulnerable phone operating systems and apps.
Any app that is installed on a mobile device in a manner other than via the official App/Play store for the device is considered to be a Sideloaded Application. Sideloaded applications are typically not vetted by the official Apple/Google antivirus measures in their stores. So, users will install the “free” version of an app to avoid paying a fee to Apple/Google. It is common for the “free” software to have malicious code or device profiles/SSL certificates coupled with the software to harvest user data, banking credentials, personal pictures and messages, or your corporate data. Sideloaded Applications will commonly take advantage of the User Granted Privileges and App Vulnerabilities to gain access to data that was considered to be “secured.”
Malicious Devices Profiles and SSL Certificates are commonly utilized to conduct Man in The Middle (MiTM) attacks on any cryptographically secured data leaving the mobile device. This combined with the fact that it is common for mobile application developers to not implement mobile SSL correctly in their applications is a common way for an attacker to harvest usernames/passwords as well as sensitive data.
Attackers can set up wireless access points and give them the same name as a legitimate network. For example, an executive of your organization likes to drink coffee and read the news on his phone at Starbucks. An attacker could set up a wireless access point with the same wireless name SSID as Starbucks. To make matters worse, they could require the executive (without their understanding) to install a “Starbuck” device profile “to ensure the security and privacy of Starbucks customers.” At that point, all data could be routed and decrypted via the MiTM attack that occurred on the executive’s phone.
// REACH OUT
Shoot us a message to start a discussion about how our team can help you today.
Stay up-to-date on the latest news in the cyberverse.
