BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Retina Now Offers Custom Audits for Android Devices

Post by Morey Haber May 16, 2012

When a marketing buzz word sticks like BYOD (Bring Your Own Device), it is inevitable to see it everywhere in an effort to capitalize on the momentum; blogs, literature, SEO, social media, etc. In the past, we have seen great terms like “ecosystem”, “framework”, and my personal favorite “distributed computing”, rise and fall in marketing. Fortunately, some of these buzz words are more realistic than others and really do pose a challenge to many companies. It is not just about the latest and greatest technology or security threat, but what really matters to the business.

BYOD is one of those terms that really does matter and is a real problem. eEye, like many organizations, does support BYOD. We have a wide mix of devices from Android to Apple to WebOS (PalmOS) connected with various parts of our infrastructure with a myriad of security tools, firewalls, and access control lists filtering content and visibility. This is no surprise and for corporations supporting  BYOD, I would expect the same; or at least hope so. As businesses struggle to reduce costs, BYOD, provides an upfront cost savings by allowing employees to bring their own devices to work in lieu of potential capital expenses to acquire them. One of the hidden costs is how to maintain proper security for these devices and fundamentally what risks they present for vulnerability assessment and even custom auditing on top of costs for securing connectivity. Retina has taken the traditional approach of vulnerability assessment for Android devices to a new level to solve this problem. With the release of Retina CS 3.1 and Retina Community 3.1, eEye is offering for free a vulnerability assessment agent for Android devices from the Google Play Store (formerly Google Market Place). Download from Google Play Now. As users begin to connect these devices to the corporate infrastructure, primarily through email, they can assess if their device has inherent vulnerabilities that could cause unnecessary risk to the business via vulnerable applications like Google Wallet or Adobe Flash. When used as a standalone agent, all of the findings and remediation steps are presented directly on the device, and when connected to Retina CS, all of the results are correlated in the management console, just like any other asset, for complete zero-gap vulnerability management coverage. The solution however, does not just stop at assessments for Android devices, it allows for custom configuration and auditing to meet the needs of your business policies. Retina complements MDM solutions with additional flexibility for vulnerability and configuration policies. Consider that your policy for BYOD states that USB debugging should be off or that if you connect your device to the infrastructure, certain applications must be installed (for additional security like anti-virus) or are explicitly denied from being installed (like a faux version Angry Birds that contains malware). Retina CS (and CS Community) allow for you to perform this inventory. An MDM solution may be setup to enforce these but Retina Android Agents allow you to verify these settings on the actual device and create custom ones beyond the scope of your MDM solution. Mobile devices (smartphones and tablets) represent an entirely new way to do business. Everything from accepting credit cards (which fall under PCI DSS compliance regulations and making vulnerability assessment a must have on these devices) to allowing users to connect and bring their latest gadgets to work pose a new security challenge for IT and security departments. Emphasizing  security restrictions on connectivity is not enough. Assessing these devices, that are outside of the corporate firewalls and IDS/IPS systems, is a must. Whether you rely on just an MDM vendor for your security, have mandated anti-virus on these devices, or have sat down and seriously considered the risks these devices represent, do not forget that they are vulnerable just like other desktops and servers within your environment. The marketing buzz may be about BYOD but remember the real buzz is within your organization and you must consider how you will manage mobile devices. They are the proverbial “hand-held keys” to the internal workings of your business; from emails, to contact lists, to possible mail attachments. They should be assessed for vulnerabilities and configuration violations just like any other device. Just like every other industry buzz in the past, like “working from home”, and “mobile workforce” with laptops, these devices need the same considerations and protection. Retina can get you started. Download from the Google Play Store now. 

Tags:
, , , , ,

Additional articles

BI-Qualys-Connector-IMG1

Getting More Value from QualysGuard Vulnerability Data with BeyondInsight v5.1

If your vulnerability assessment scans can’t produce meaningful and actionable reports, performing a scan does no good for anyone. If you’ve read my other blog posts, you know I have no qualms about stating that BeyondTrust provides the best vulnerability reporting in the industry. Ask your favorite analyst and they’ll tend to agree. Of course,…

Post by Morey Haber April 18, 2014
Tags:
, , , , , , , ,
insider-threat-fed

Mitigating Inside Threats to U.S. Federal IT Environments

Recent high-profile cases have increased the perceived risks that go along with disclosure and usage of confidential information. One of the most difficult security threats to mitigate is an attack from the inside. When an over-privileged user, such as an unhappy current or former employee, contractor, or consultant, begins navigating your network, how will you…

Post by BeyondTrust Software April 17, 2014
Tags:
, , , , ,

Are you a Target? Investigating Security Breaches with Kevin Johnson

Last week, over 1,000 IT security professionals watched as Kevin Johnson, CEO of Secure Ideas, presented his expert opinion on lessons learned from recent, high-profile retail breaches. Here’s a summary of key takeaways from the webcast plus an on-demand recording of the full, 60-minute presentation. Understanding the “why” behind attacks According to Kevin, the primary…

Post by Chris Burd April 17, 2014
Tags:
, , , , ,