Mobile Threat Defense
Most Mobile Threat Defense solutions are passive tools that send notifications on detecting suspicious activity, and must rely on third-party solutions, like EMM, to take any action to protect corporate data. This is often too little and too late.
Symantec Endpoint Protection Mobile (SEP Mobile) responds in real time, taking deliberate actions and leveraging machine learning to protect devices and the resources they connect to.
On-Device Mobile Threat Protection
The SEP Mobile app protects with or without an Internet connection
Mobile Network Access Control (mNAC), unique to SEP Mobile, delivers the most powerful protections in the mobile threat defense market, including some of the protections listed here. Below is a selection of proactive protections provided by SEP Mobile, most of them unique to this solution:
- Selective Resource Protection (SRP) - Stops communications to IT-defined sensitive resources when under a network attack, if the device is deemed to be risky or if there is communication detected to a malicious C&C server. Protected traffic will not leave the device, but non-sensitive activities may continue.
- Secure Connection Protection (SCP) - An on-demand VPN activates immediately in response to insecure network connections, and will automatically deactivate when the threat is removed.
- Corporate Wi-Fi Protection - A noncompliant will not be allowed to connect to the corporate Wi-Fi, protecting the company infrastructure.
- Fake Corporate Wi-Fi Protection - Protected devices will not connect to Wi-Fi networks designed to look like a legitimate corporate Wi-Fi. This is a common technique to capture corporate credentials.
- Malware Defense - Malicious apps are often identified and blocked before installation can take place, including zero-day malware not found in any signature database. Apps may actually be removed pre- or post-installation in certain cases, as on Samsung Knox devices.
- Unwanted Apps - Admins can specify characteristics of apps that are not acceptable in their organization and treat them the same as malware.
- Android App Communication Quarantine - Admins may choose to quarantine communications from any potentially risky Android app until analysis is complete and the app is determined to be safe.
- Indicators of Compromise (IOC) Protection - Ability to protect against many IOC events which can be precursors to rooting/jailbreaking exploits – e.g. high-privilege shell, altered runtime environment, etc.
- Malicious Process Termination - Whether identified as malware or an unwanted app, processes determined to be malicious or undesired may be terminated.
- Malicious C&C Blocking - Communications with any known bad Command & Control server may be blocked, regardless of the source, even if it is an iOS app that has not been analyzed.
- Message Defense - Malicious MMS and SMS messages (e.g. Stagefright) are detected before they can cause any damage.
See how Aetna protects their patient data with SEP Mobile
OS Upgradability Control Minimizes Mobile Risk
The easiest action that can reduce mobile risk is to keep up to date on OS security patches, but you may not get a notice from Apple for days or weeks, and you may never get a notice for your particular Android device. Let SEP Mobile keep your mobile devices up to date and secure.
- Apple users get alerted as soon as a new update is available, anywhere in the world.
- Android users get custom alerts for when an update is available for their particular hardware and service provider – Only SEP Mobile can do that.
- Admins can establish how many minor releases a device can be out of date before it is considered noncompliant.
- Admins can search for all devices that are OS upgradable, and even automate end-user notifications to improve compliance.
- Admins can see the specific OS version and patch available for every device in their organization, and the severity of patched vulnerabilities
Use EMM Integrations to Add Even More Protection Actions
SEP Mobile uniquely provides the critical real-time protections identified above for both managed and unmanaged mobile devices. For your managed devices SEP Mobile also has tight integrations and strong partnerships with all of the leading EMM/MDM players, providing real-time intelligence to enhance EMM policy enforcement and provide the most comprehensive mobile security for our customers. SEP Mobile supports multiple levels of integration, from simple app deployment and management to full bi-directional communication and compliance enforcement.
Learn about our integrations with the following solutions: