Risk
8/13/2012
10:14 AM
Kurt Marko
Kurt Marko
Commentary
Connect Directly
Facebook
LinkedIn
Twitter
RSS
E-Mail
50%
50%

What Sophos Brings To MDM Table

Security vendors are rushing to fill gaping holes in IT's ability to manage mobile devices. But if you expect perfection, you'll wait too long.

The invasion of personal smartphones into the enterprise, whether through the front door of an official BYOD program or back door of I'll see how much I can get away with is by now so well established that the IT discussion is no longer about whether it's a good idea, but rather how to cope with the onslaught of unmanaged devices from a hodge-podge of manufactures and running several different OSs. For IT, standing at the rampart and yelling stop is about as effective building a sand berm in the face of an onrushing tsunami.

It's a situation not dissimilar to that faced a couple decades ago as PCs began flooding into offices while IT was still ensconced in its raised floor lairs tending to "real" computers. Gradually, a software ecosystem developed to automate and centralize the management of inherently personal and distributed devices. Today, many of those same companies, including endpoint security specialists like McAfee, Symantec and Sophos, are rushing to fill gaping holes in IT's ability to manage mobile devices.

As our MDM research report and survey found last year, fully 65% of respondents anticipate an increase in employee-owned mobile devices. To no one's surprise, as we outline in a recent report on mobile application development, the vast majority of those phones and tablets will be running iOS and Android. MDM software is the industry's solution to the vexing problem of making order out of chaos, but so far it's been greeted with a lukewarm response by enterprise IT. Our survey finds under a third of organizations have implemented these all-in-one management suites.

Sophos, a firm better known for PC anti-malware and data encryption than mobile security seems determined not to miss the post-PC market. The firm, which built its Sophos Mobile Control product upon technology licensed from Dialogs, a German firm specializing in mobile and communications software, clearly felt that developing MDM technology is far too important and strategic to remain an outsourced function and acquired the company earlier this year. The first fruits of this union were announced this week with a point upgrade to Sophos' MDM product. On the surface, there's not a lot new in Mobile Control 2.5, which already boasted a solid, if not extraordinary, set of MDM features; the complete litany of which you can actually see in more detail by looking at Dialogs' smartMan feature list [PDF] rather than the vague marketing speak pervading Sophos' own data sheet. The big additions are improvements to its management interface and enterprise integration, notably the ability to link devices and security policies to Active Directory groups.

[ Doing nothing is not an option. Read 6 Keys To A Flexible MDM Strategy. ]

Mobile Control's AD integration allows tying users to specific devices and groups to sets of configuration policies. For example, marketing employees might be allowed to use the Facebook app on the corporate WLAN while everyone else is blocked, or executives may be configured to use an exclusive remote VPN gateway when traveling not available to other employees. The ability to automatically map policies and configurations to existing users and groups is a big boost to administrator efficiency.

Another enhancement in 2.5 is support for app distribution and control on iOS. Previous versions allowed installing and removing apps on Android and Windows Phone, but Apple's tight control over app distribution can complicate life for enterprises. The new version enables IT to push or delete iOS apps installed from either the App Store or an in-house portal. The update also features improvements to device compliance checking and reporting. Mobile Control features a handy client-side app that gives users an overview of the device's compliance status including any resolution steps they must take to rectify the problems. IT gets the same data for all devices on a central management console.

Although Sophos didn't participate in our MDM Buyer's Guide, when comparing its feature list to the 20 or so categories we asked about, Mobile Control could check almost all of the boxes. No, it can't remotely control a device (at least not the ones that matter: Apple and Android), nor remotely upgrade the OS, but when it comes to app management, policy enforcement, device inventory, usage tracking, geolocation, and remote wipe, Sophos has you covered. One area that Sophos doesn't address--again, for the smartphones people care about--and in all fairness, few MDM products do--is data backup. With the proper configuration and usage guidelines, mobile device backup shouldn't be a critical feature since, as I point out in an earlier column, it's best to keep company data off of mobile devices. But as I point out in a forthcoming report on e-discovery in the age of cloud services and smartphones, there are certain types of important company information that invariably end up being either generated or inadvertently stored on mobile devices; things like text message conversations, call logs, audio recordings, camera snapshots--all of it potentially valuable information if the phone is lost or its owner is pertinent to pending litigation.

The MDM market is rapidly evolving, resembling the state of anti-virus and PC security products a decade ago; meaning every product has flaws and a widely accepted, de facto standard feature set has yet to emerge. But in IT, perfection can never be the enemy of the good, since the good is always getting better. When it comes to getting a handle on mobile devices within your organization, Sophos' updated Mobile Control is emphatically better than nothing and at least as good as most of its competitors. IT shops already using Sophos for PC endpoint management should start their MDM evaluation here.

Android and Apple devices make backup a challenge for IT. Look to smart policy, cloud services, and MDM for answers. Also in the new, all-digital Mobile Device Backup issue of InformationWeek: Take advantage of advances that simplify the process of backing up virtual machines. (Free with registration.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-1032
Published: 2014-09-17
Cross-site scripting (XSS) vulnerability in the Euroling SiteSeeker module 3.x before 3.4.5 for EPiServer allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party inf...

CVE-2012-1417
Published: 2014-09-17
Multiple cross-site scripting (XSS) vulnerabilities in Local Phone book and Blacklist form in Yealink VOIP Phones allow remote authenticated users to inject arbitrary web script or HTML via the user field to cgi-bin/ConfigManApp.com.

CVE-2012-1506
Published: 2014-09-17
SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM before 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryId parameter to plugins/ajaxCalls/haltResumeHsp.php. NOTE: some of these details are obtained from th...

CVE-2012-1507
Published: 2014-09-17
Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM before 2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) newHspStatus parameter to plugins/ajaxCalls/haltResumeHsp.php, (2) sortOrder1 parameter to templates/hrfunct/emppop.php, or (3) uri parameter to index...

CVE-2012-2583
Published: 2014-09-17
Cross-site scripting (XSS) vulnerability in Mini Mail Dashboard Widget plugin 1.42 for WordPress allows remote attackers to inject arbitrary web script or HTML via the body of an email.

Best of the Web
Dark Reading Radio