… to extend mobile security to the iOS mobile workforce
By Yael Macias, Product Marketing Manager, Threat Prevention and Ran Schwartz, Product Manager, Threat Prevention
With over 35,000 customers, Jamf is the industry standard for all things Apple in the enterprise. Jamf’s portfolio of products allow customers to streamline authentication, manage the Apple ecosystem, and protect Mac from malware and costly breaches.
Today, we are happy to announce that Jamf customers can seamlessly integrate our market-leading Mobile Threat Defense (MTD) solution SandBlast Mobile, adding critical threat intelligence and security to Jamf-managed iOS devices.
Mobile malware is on the rise. According to Gartner, mobile malware attacks more than doubled from 2018 to 2019, reaching 116.5 million, with a surge in unique users. Even with Apple’s focus on device security and user privacy, this astonishing figure includes attacks on iOS devices and users too.
It is no news that employees are the weakest link in the security of an organization, and when it comes to social engineering attacks, they are equally susceptible across all operating systems. With little wit, hackers can easily trick users into downloading malicious content from outside the official Apple App Store: malicious apps distributed using fake enterprise certificates, or malicious files stored in shortened links. 1Phishing campaigns are on the rise as well, and mobile devices have become the preferred channel for hackers. With BYOD programs comes the reality that a mobile device will connect to multiple email accounts and multiple messaging apps. Consequently, threat actors can easily deliver phishing attacks to enterprise users through unprotected channels, thereby completely evading any kind of enterprise server-side protection.
While relatively infrequent, malware makes it past the Apple App Store screening process. In October 2019, an extensive malware campaign was found to have bypassed Apple’s screening process and onto user devices. The malware, while focusing on generating ad revenue through fraudulent methods, would also communicate with a command and control server that provided it with an option to exfiltrate sensitive data from the device without requiring the user to approve any suspicious permissions.
Thankfully, keeping mobile threats at bay is possible.
By integrating Jamf and SandBlast Mobile, enterprise customers have the tools they need to further secure their increasingly mobile workforce. Customers will get a fully automated management, security, and enforcement solution, while maintaining a great user experience. As Gartner recommends, organizations should “integrate the MTD solution with their incumbent Unified Endpoint Management (UEM) tool”.
So how does the integration work?
Once connected, SandBlast Mobile protects the device from threats that come from the device, apps, or network. The moment that it sees a threat, in addition to enabling its own threat prevention capabilities, it will mark the device with the appropriate risk level, and send that information to Jamf. Using its device management capabilities, Jamf can automatically enforce various restrictions on the device, such as preventing the use of the camera or removing access to corporate email or Wi-Fi. Once the device risk is back to a healthy state, SandBlast Mobile will immediately update Jamf, which will ensure that the device is no longer restricted. This seamless experience ensures that neither security nor user-experience is compromised.
1 How Mobile Phishing Works and What to Do About it, A Report by the Anti-Phishing Working Group (2018).