Janvier 10, 2019

Lessons from 2018: Handling the next mobile security breach

Jasmine Henry



As mobile adoption soars, malicious hackers are evolving their tactics to match user behaviors. The past 12 months hosted a new volume and variety of threats to enterprise devices and the Android OS platform.

In 2018, the number of Android OS security threats continued to accelerate, growing from four million identified Android-based malware samples in 2017 to five million malware samples in the first five months of the year alone. Two notable trends included a proliferation of threats targeted toward Android applications and malware focused on corrupting devices by targeting open components, such as Wi-Fi or Bluetooth ports.

In a connected enterprise fleet, your mobile devices are physical assets that can present risks when unsecured, from breaches of valuable company data to lost control of devices. To safeguard against new threats, supervisors of enterprise mobility need to consider the security trends and adapt accordingly.

With the following trends in mind, how can enterprises adapt to protect their mobile devices in 2019?

 

Malware kits target device vulnerabilities

In the past year, attackers have begun targeting open Wi-Fi and Bluetooth ports on Android mobile devices through proximity to the device using malware kits. If successful, they can jailbreak the targeted device to steal valuable corporate or customer data. Proximity-based attacks are likely here to stay, and it’s important to avoid underestimating the role device security plays in safeguarding against a security breach. Protecting corporate-owned devices and onboard content from the latest Android malware requires detection and response capabilities, such as devices engineered for protection from the chip up.

 

Harmful applications proliferate

Risky application content and insecure user behavior can put enterprise fleet applications at risk. Even content downloaded through official Android app stores became a malware risk in 2018, due to a trend of “malvertising” — scamware advertisements displayed on apps. A flood of spoofed bank applications hit the Play Store in early summer and published hundreds of consumers’ credit card data online in plain text.

The Android security community ramped up efforts to verify 50 billion consumer apps in real time. A November announcement from Google Security stated Android devices which exclusively install content from the Play Store have a 0.68 percent chance of potentially harmful apps (PHA). Consumers were urged to deploy recent OS platforms such as Nougat, Oreo and Pie for protection.

Malicious application content spread like wildfire in 2018, and PHA is becoming harder for the average user to detect. Containerization solutions can protect corporate data and apps from application-based risks by creating boundaries between work and personal content, and safeguarding sensitive data with credentials or biometric authentication.

 

Corrupt connections capture data transmissions

Malicious hackers and collectives continued to exploit Wi-Fi connections in 2018 with man-in-the-middle attacks (MITM), which involve tapping a public wireless network to eavesdrop or capture data transmissions. In a single month, 4 percent of Android devices had encountered a MITM attack, while more than a quarter connected to an open and potentially dangerous Wi-Fi network. Implementing automated protection can safeguard your fleet from the risks of public Wi-Fi in 2019 by locking devices as soon as an attempted compromise is detected.

 

Android security patch addresses kernel vulnerabilities

The October 2018 Android Security Bulletin detailed a source patch developed to address “a critical security vulnerability in Framework” which could enable remote hackers to execute code impacting device kernel components. A compromised kernel can lead to a security breach due to sensitive data exposure or the possibility for malicious actors to remotely control an affected device.

To avoid exposure to similarly serious risks, enterprise mobility leaders should automate the remote deployment of Android security patch releases at scale. Cloud-based solutions like Knox Manage can create efficient enterprise mobility management (EMM).

 

Securely innovate with custom content

Providing trustworthy access to customized corporate applications was a key focus for both developers and organizations in 2018. One recent Play Store announcement tackled the need to “safely and quickly distribute private enterprise apps” on corporate-owned mobile devices. While solutions to distribute content are important, enterprise mobility teams need more to balance security and innovation.

To capture the potential of the next mobile economy, organizations need enterprise-grade solutions to develop and distribute purpose-built applications. In 2018, as much as 62 percent of enterprise mobile app development teams had a backlog, which is sometimes as large as 10 or more apps in the queue. Knox Configure supports rapid Android development for unique vertical use cases without compromising application security, creativity or speed. Custom content can be securely deployed via Knox Manage or an enterprise app store.

 

Mobile innovation expands beyond smartphones

Balancing security with usability has always been an important key to driving successful enterprise mobility, but 2018 Android trends illustrate that aversion to change is an enormous risk. Threats to Android device and application security evolved significantly in recent months. Innovations last year introduced entirely new possibilities for enterprise mobility. The recent announcement of the Android One UI platform and the world’s first foldable smartphone show that 2019 will be a year of 2-in-1 hybrid devices, workplace wearables and emerging technologies.

Combining the right Android devices with purpose-built applications enables operational efficiency, employee engagement and customer satisfaction. However, it’s important to consider security breach risks as you drive next-generation mobile capabilities in your enterprise fleet. Evolution in the Android OS threat vector in 2018 underlines the ever-growing importance of implementing security measures to protect corporate-owned devices and the sensitive data they contain.

Samsung’s Knox, built from the chip up in each of its mobile devices, provides a comprehensive set of capabilities to enhance the Android platform for superior security and manageability.

[Icon] fermer

Lancez-vous avec Samsung Knox

[Icon] valise
Êtes-vous un revendeur, un fournisseur de solutions ou un fournisseur de services ?

Devenez un partenaire Knox et développez votre entreprise aujourd'hui.

[Icon] infos

Pour commencer, sélectionnez un produit Knox :

Pack tout-en-un
Knox Suite
Rebranding et personnalisation
Knox Configure
Protection contre la fraude et le vol
Knox Guard
Programme de protection des appareils
Samsung Care+ for Business
Autres produits et services

Démarrez avec

[Image] Knox Suite

Pack de solutions tout-en-un pour la mobilité des entreprises.

  • Obtenez un essai gratuit de 90 jours pour jusqu'à 30 appareils.
  • Un ensemble complet d'outils pour sécuriser, déployer, gérer et analyser les appareils de votre entreprise.
  • Essayez des fonctionnalités puissantes réunies dans Knox Suite.

Knox Suite inclut:

Knox Mobile Enrollment Gratuite
Knox Manage
Knox E-FOTA
Knox Asset Intelligence
Knox Platform for Enterprise Gratuite
Assistance à distance Knox
Knox Capture
Knox Authentication Manager

Démarrez avec

[Image] Logo Knox Configure

Donnez une nouvelle image à vos appareils Samsung et personnalisez-les.

  • Obtenez un essai gratuit de 90 jours pour jusqu'à 30 appareils.
  • Configurez à distance tous vos appareils Samsung et personnalisez-les immédiatement pour répondre au mieux à vos besoins spécifiques
  • Configurez vos appareils pour un déploiement unique, ou mettez-les à jour autant que vous le souhaitez.

Démarrez avec

[Icon] Logo Knox Guard

Protection contre la fraude et le vol pour les appareils Samsung.

  • Obtenez un essai gratuit de 90 jours pour jusqu'à 30 appareils.
  • Réduisez les risques financiers et protégez vos actifs en contrôlant vos appareils Samsung à distance.
  • Testez toutes les fonctionnalités de Knox Guard, y compris le contrôle de carte SIM et le verrouillage des appareils.

Démarrez avec

[Image] Logo Samsung Care Plus For Business

Programmes de protection de vos appareils Samsung.

  • Limitez les interruptions des activités de l'entreprise avec des réparations et des remplacements rapides des appareils. Contactez l'équipe commerciale Samsung pour vous lancer.
  • Visualisez la couverture de tous vos appareils et demandez des informations, le tout via une plate-forme unique.
  • Vous avez acheté Samsung Care+ for Business ? Créez un compte et activez votre forfait sur la console Samsung Care+ for Business.

Autres produits et services

[Image] Logo autres

Des solutions modernes pour répondre à vos besoins uniques.

  • Bénéficiez d'une assistance technique efficace grâce à un gestionnaire de compte dédié avec Enterprise Tech Support.
  • Créez des appareils sur mesure pour votre entreprise grâce à Samsung Software Customization Services.
CONTACTER LE SERVICE COMMERCIAL