Risk
8/13/2012
10:14 AM
Kurt Marko
Kurt Marko
Commentary
Connect Directly
LinkedIn
Twitter
Facebook
RSS
E-Mail
50%
50%

What Sophos Brings To MDM Table

Security vendors are rushing to fill gaping holes in IT's ability to manage mobile devices. But if you expect perfection, you'll wait too long.

The invasion of personal smartphones into the enterprise, whether through the front door of an official BYOD program or back door of I'll see how much I can get away with is by now so well established that the IT discussion is no longer about whether it's a good idea, but rather how to cope with the onslaught of unmanaged devices from a hodge-podge of manufactures and running several different OSs. For IT, standing at the rampart and yelling stop is about as effective building a sand berm in the face of an onrushing tsunami.

It's a situation not dissimilar to that faced a couple decades ago as PCs began flooding into offices while IT was still ensconced in its raised floor lairs tending to "real" computers. Gradually, a software ecosystem developed to automate and centralize the management of inherently personal and distributed devices. Today, many of those same companies, including endpoint security specialists like McAfee, Symantec and Sophos, are rushing to fill gaping holes in IT's ability to manage mobile devices.

As our MDM research report and survey found last year, fully 65% of respondents anticipate an increase in employee-owned mobile devices. To no one's surprise, as we outline in a recent report on mobile application development, the vast majority of those phones and tablets will be running iOS and Android. MDM software is the industry's solution to the vexing problem of making order out of chaos, but so far it's been greeted with a lukewarm response by enterprise IT. Our survey finds under a third of organizations have implemented these all-in-one management suites.

Sophos, a firm better known for PC anti-malware and data encryption than mobile security seems determined not to miss the post-PC market. The firm, which built its Sophos Mobile Control product upon technology licensed from Dialogs, a German firm specializing in mobile and communications software, clearly felt that developing MDM technology is far too important and strategic to remain an outsourced function and acquired the company earlier this year. The first fruits of this union were announced this week with a point upgrade to Sophos' MDM product. On the surface, there's not a lot new in Mobile Control 2.5, which already boasted a solid, if not extraordinary, set of MDM features; the complete litany of which you can actually see in more detail by looking at Dialogs' smartMan feature list [PDF] rather than the vague marketing speak pervading Sophos' own data sheet. The big additions are improvements to its management interface and enterprise integration, notably the ability to link devices and security policies to Active Directory groups.

[ Doing nothing is not an option. Read 6 Keys To A Flexible MDM Strategy. ]

Mobile Control's AD integration allows tying users to specific devices and groups to sets of configuration policies. For example, marketing employees might be allowed to use the Facebook app on the corporate WLAN while everyone else is blocked, or executives may be configured to use an exclusive remote VPN gateway when traveling not available to other employees. The ability to automatically map policies and configurations to existing users and groups is a big boost to administrator efficiency.

Another enhancement in 2.5 is support for app distribution and control on iOS. Previous versions allowed installing and removing apps on Android and Windows Phone, but Apple's tight control over app distribution can complicate life for enterprises. The new version enables IT to push or delete iOS apps installed from either the App Store or an in-house portal. The update also features improvements to device compliance checking and reporting. Mobile Control features a handy client-side app that gives users an overview of the device's compliance status including any resolution steps they must take to rectify the problems. IT gets the same data for all devices on a central management console.

Although Sophos didn't participate in our MDM Buyer's Guide, when comparing its feature list to the 20 or so categories we asked about, Mobile Control could check almost all of the boxes. No, it can't remotely control a device (at least not the ones that matter: Apple and Android), nor remotely upgrade the OS, but when it comes to app management, policy enforcement, device inventory, usage tracking, geolocation, and remote wipe, Sophos has you covered. One area that Sophos doesn't address--again, for the smartphones people care about--and in all fairness, few MDM products do--is data backup. With the proper configuration and usage guidelines, mobile device backup shouldn't be a critical feature since, as I point out in an earlier column, it's best to keep company data off of mobile devices. But as I point out in a forthcoming report on e-discovery in the age of cloud services and smartphones, there are certain types of important company information that invariably end up being either generated or inadvertently stored on mobile devices; things like text message conversations, call logs, audio recordings, camera snapshots--all of it potentially valuable information if the phone is lost or its owner is pertinent to pending litigation.

The MDM market is rapidly evolving, resembling the state of anti-virus and PC security products a decade ago; meaning every product has flaws and a widely accepted, de facto standard feature set has yet to emerge. But in IT, perfection can never be the enemy of the good, since the good is always getting better. When it comes to getting a handle on mobile devices within your organization, Sophos' updated Mobile Control is emphatically better than nothing and at least as good as most of its competitors. IT shops already using Sophos for PC endpoint management should start their MDM evaluation here.

Android and Apple devices make backup a challenge for IT. Look to smart policy, cloud services, and MDM for answers. Also in the new, all-digital Mobile Device Backup issue of InformationWeek: Take advantage of advances that simplify the process of backing up virtual machines. (Free with registration.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-2413
Published: 2014-10-20
Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and earlier allows remote attackers to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php.

CVE-2012-5244
Published: 2014-10-20
Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter to functions/suggest.php; (5) the id parameter to functions/widgets.php, (6) the category parameter to...

CVE-2012-5694
Published: 2014-10-20
Multiple SQL injection vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allow remote attackers to execute arbitrary SQL commands via the (1) agentPhNo, (2) controlPhNo, (3) agentURLPath, (4) agentControlKey, or (5) platformDD1 parameter to frameworkgui/attach2Agents.p...

CVE-2012-5695
Published: 2014-10-20
Multiple cross-site request forgery (CSRF) vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allow remote attackers to hijack the authentication of administrators for requests that conduct (1) shell metacharacter or (2) SQL injection attacks or (3) send an SMS m...

CVE-2012-5696
Published: 2014-10-20
Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 does not properly restrict access to frameworkgui/config, which allows remote attackers to obtain the plaintext database password via a direct request.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.