Organisations overwhelmed by increased security complexities in detecting and resolving mobile threats
AccessData, the leader in incident resolution solutions,has bridged the security gap between prevention-focused mobile device management (MDM) solutions and mobile threat detection and response, by adding mobile device support in the ResolutionOnePlatform. ResolutionOne integrates network, endpoint and malware analysis, threat intelligence, end-to-end e-discovery and remediation technologies into a single, scalable platform.
The explosive growth of BYOD and mobile devices provides increasingly attractive entry points through which cyber criminals are penetrating corporate networks. The rapid growth of advanced attacks, in the form of mobile malware, data leakage and insider threats, is escalating as information security teams struggle to rapidly detect and respond to these security incidents. Add to that the challenges of deploying threat detection and remediation capabilities across a company’s networks and endpoints – including thousands of mobile devices housing enormous amounts of sensitive data – and the cybersecurity situation seems insurmountable for many corporations.
In a technology first, the mobile device support provides comprehensive, real-time visibility, intelligence and resolution capabilities across iOS and Android devices on or off corporate networks. The platform is the first to incorporate current MDM and MAM mobile device policies with real-time proactive mobile device monitoring to discover, analyse, respond to and resolve mobile threats at an enterprise scale.
– Full coverage of iOS and Android devices
First technology to provide deep visibility through activity recording and data collection on bothiOS and Android devices.
– Threat Intelligence
First to auto-correlate mobile data against ResolutionOne’s ThreatBridge™ threat intelligence engine to detect known threats.
– Analytics
Identifies unusual behaviours and anomalies when looking at aggregated mobile device data across the enterprise.
– Incident Replay
Allows users to see in detail what happened at any point in time, formulating a timeline of events and the ability to reconstruct an incident.
– Geolocation Visualisation
Provides geolocation information so investigators can track devices accurately on a graphical map.
“Organisations face growing challenges with multiple niche point products that are unable to provide the complete picture on incidents of all types,” said Lee Reiber, Vice President Mobile Solutions at AccessData. “They rely on MDM and MAM solutions to handle their mobile security. This represents a false sense of security as the software is not equipped to deliver incident detection, response, andremediation. To address this need, we incorporated our advanced mobile forensics capabilities into theResolutionOne Platform to extend rapid threat detection, analysis and resolution across iOS and Android devices.”
The mobile endpoint monitoring feature operates in a similar fashion to the desktop version. The mobile agent is delivered silently to iOS and Android devices which are connected to the enterprise’s network via a MDM or MAM application catalogue. The devices are then monitored by the ResolutionOnePlatform where processes, network communications and mobile device data are captured at predefined intervals. The data is auto-correlated with the ThreatBridge engine’s integrated, customisable threat intelligence library, to identify any known threats such as malicious IP addresses and known malware. It also detects unknown threats by providing visibility into network communications and running processes, so anomalous activities can be identified and remediated.
The ResolutionOne Platform with the mobile agent capabilities improves information security and business processes with actionable intelligence to quickly identify and resolve security incidents.
– The remote real-time visibility and remediation capabilities can accurately identify impacted mobile devices thus eliminating the laborious and time consuming task of collecting the entire fleet of mobile devices for analysis and reimaging.
– Organisations can save valuable time, resources and related costs while resolving incidents faster.
– Companies can minimise business risks, productivity loss, business downtime and potential revenue loss by not having to physically collect and analyse the entire company’s mobile devices.
– The platform installs into existing enterprise environments with the flexibility to scale as anorganisation’s needs change. It also integrates current and new third party threat feeds/MDM/MAM solutions, other software and applications into a single platform.
About AccessData
AccessData Group makes the world’s most advanced and intuitive incident resolution solutions. AccessData technology delivers real-time insight, analysis, response and resolution of data incidents, including cyber threats, insider threats, mobile and BYOD risk, GRC (Governance Risk & Compliance) and eDiscovery events. Over 130,000 users in corporations, law enforcement, government agencies, and law firms around the world rely on AccessData software to protect them against the risks present in today’s environment of continuous compromise. http://accessdata.com
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.