For mobile applications, key security controls include the following:
- Mobile Application Verification (MAV) ensures that applications comply with company policies and do not contain known exploitable vulnerabilities.
- Mobile Application Management (MAM) guarantees the compliance of deployed applications. However, neither MAV nor MAM is generally zero-trust aligned to support continuous authentication.
- Mobile Threat Defense detects and mitigates threats from suspicious user behavior or network activity as well as malicious attacks.
- Secure containers provide isolation techniques to prevent organizational and personal data from mixing.
Mobile operating systems themselves have built-in security features, including:
- Data isolation techniques block unauthorized communications between device and user data stores.
- Platform management APIs allow EMMs and other security management tools to control device security and functionality.
- User and device identification, a key enabler of zero-trust compliance, involves access via multi-factor authentication.
Three Mobile Security Steps to Take Right Now
The mobile security technologies described above can greatly contribute to the implementation of zero trust in the mobile environment. However, to fully implement mobile zero trust, the business must take three additional steps.
First, mobile application development and application security verification require greater scrutiny to ensure alignment with zero trust for access to corporate resources. Applications should be carefully evaluated to ensure that they support continuous authentication. In-house developed applications should be reworked to include continuous authentication if it is not currently in place. MAVs should verify that all apps (both those developed in-house and those acquired through OS vendor app stores) comply with policies.
Second, ensure that mobile devices implement application and data segmentation. Although mobile operating systems have built-in security controls to enforce segmentation and can sandbox applications and data, the enterprise should carefully review custom-built enterprise applications for application-level and data segmentation. Applying continuous multi-factor authentication is also necessary to ensure consistency with zero-trust principles.
Third, tighten the integration between EMM and mobile threat defense so that threats are mitigated promptly. Many vendors are aligning their systems with the zero-trust approach, including continuous authentication assessment and device health reporting.
Improve Your Security With Smart Authentication
Some EMM systems include “smart” device authentication, combining biometrics with individual user behavior. Using advanced rulesets powered by artificial intelligence, these systems can enable adaptive authentication to provide granular security for every user interaction. Organizations can also strengthen the integration between EMM and mobile threat defense systems and their existing logging, monitoring, diagnostics and mitigation systems.
Every business is different and there is no single strategy for implementing mobile zero trust technology. Each organization should develop its own roadmap and timeline aligned with its goals. Businesses can develop their strategies based on an assessment of the risks they face, with granular policies to mitigate risk.
Likewise, each organization must determine the granularity of continuous authentication to balance security and usability. Related changes should be incorporated into this infrastructure as required.
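The granularity trade-off above can be written as a per-request decision that combines EMM device posture, a mobile threat defense verdict and a behavior score. This is an added example, not part of the original article or any vendor's product; the field names, thresholds and time limits are assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Assumed policy: how long (seconds) a successful MFA check stays trusted,
# per resource sensitivity. Shorter limits mean finer-grained re-authentication.
MAX_AUTH_AGE = {"low": 8 * 3600, "medium": 3600, "high": 300}

@dataclass
class Signal:
    emm_compliant: bool    # device posture as reported by the EMM
    mtd_threat: str        # "none", "suspicious" or "malicious" (threat defense)
    behavior_score: float  # 0.0 = typical for this user, 1.0 = highly unusual
    auth_age_s: int        # seconds since the last successful MFA check

def decide(sig: Signal, sensitivity: str) -> str:
    """Return "allow", "step_up" (re-authenticate) or "deny" for one request."""
    # Fail closed on unknown resource classes, non-compliant devices and
    # devices under active attack: identity proof cannot offset these.
    if sensitivity not in MAX_AUTH_AGE:
        return "deny"
    if not sig.emm_compliant or sig.mtd_threat == "malicious":
        return "deny"
    limit = MAX_AUTH_AGE[sensitivity]
    # Elevated risk shortens how long the previous authentication is trusted.
    if sig.mtd_threat == "suspicious":
        limit //= 4
    if sig.behavior_score >= 0.7:
        limit = 0          # only an authentication performed just now counts
    elif sig.behavior_score >= 0.4:
        limit //= 2
    return "allow" if sig.auth_age_s <= limit else "step_up"

def evaluate_session(requests):
    """Apply decide() to each (Signal, sensitivity) pair in a session."""
    return [decide(sig, sens) for sig, sens in requests]

# Constructed session: one user's requests over roughly twenty minutes.
SAMPLE_SESSION = [
    (Signal(True, "none", 0.1, 120), "low"),           # routine access
    (Signal(True, "none", 0.1, 600), "high"),          # MFA too old for this data
    (Signal(True, "suspicious", 0.1, 1200), "medium"), # threat signal cuts trust
    (Signal(True, "none", 0.5, 1200), "medium"),       # mildly unusual behavior
    (Signal(False, "none", 0.0, 10), "low"),           # device fell out of policy
    (Signal(True, "none", 0.9, 0), "high"),            # unusual, but just re-authed
]

if __name__ == "__main__":
    for (sig, sens), verdict in zip(SAMPLE_SESSION, evaluate_session(SAMPLE_SESSION)):
        print(f"{sens:6} {verdict:8} {sig}")
```

Tightening the values in `MAX_AUTH_AGE` or lowering the behavior thresholds raises security at the cost of more step-up prompts, which is the usability balance each organization has to set for itself.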
Finally, as with any security approach, technology is only part of the solution. Companies need to review their mobile usage policies and ensure that their processes and human factors are aligned with their zero trust goals.