Security beyond the perimeter
To get an answer to the question, think about how security has evolved. as the proliferation of mobile devices has made traditional security protections even less effective than they used to be.
Mobile devices now account for 59% of global website traffic. But almost half (45%) of the companies surveyed in the last Verizon Mobile Safety Index say they have had a compromise involving a mobile device in the past 12 months.
Company firewalls only protect those inside the wall, and malware retrospective testers by nature don’t detect an attack until it happens.
Traditional security models have now been replaced by the concept of endpoint security, where security is applied based on device, user, location, and even application. It is this evolving understanding of security that contributes to today’s security industry buzzwords—things like zero trust, multi-factor authentication, and passwordless security—all are components of the new approach.
But can devices protect themselves?
Another tactic is the continued attempt to build security protection into the device itself, something like the Secure Enclave in Apple products. But it implies even more: developing systems that are intelligent enough to recognize if they have been attacked.
But being able to deliver that kind of AI self-awareness requires access to a bit of information first, in the form of telemetry data.
Jamf already has a security solution for Mac that shows this direction of travel, called jamf protection. You can detect threats, monitor compliance, and automatically respond to some security incidents. When it was introduced in 2019, it showed a future for security protection. The deal with ZecOps means the company now has technology it could use to provide similar protection to iPhones and iPads as well.
Providing that level of security is complex and requires access to telemetry, which is the kind of information Zecops is very good at getting. That explains why its security solutions are already used by governments, enterprises, and high net worth individuals to accelerate mobile security investigations. The solution is very good at taking data and identifying large-scale attacks and compromises.
The idea is that if a breach has occurred, the software will detect it, which is invaluable for the protection of corporate data. However, the goal should be that eventually the device itself will recognize and protect itself against any visible reconnaissance attacks, making systems even more secure.
“ZecOps is the only tool available that provides the ability to extract, deliver, and analyze mobile device logs for signs of compromise or malicious activity,” said a “State Department, a G7 government” customer, according to the company. .
How does it work
The tool works by capture and analyze logs from iOS and Android devices at the operating system layer. It explores this telemetric data to identify suspicious events and has been designed to detect hidden attacks with zero and one click. It will identify if a device is attacked, how and when that attack took place, what impact it has, and then help inform effective incident response.
It is a threat hunter for iPhones.
It is also important to consider the type of threats that this solution can prevent. This is not just a virus scanner. It is smart enough and able to identify some of the state sponsored threats that Apple created lockdown mode to protect devices. The acquisition essentially gives Jamf technology robust enough to protect against espionage.
and in a deeply paranoid time in our global historythis level of protection is the degree of security that every iPhone user requires.
Copyright © 2022 IDG Communications, Inc.