The challenge

When the company first deployed mobility, they adopted an EMM to manage the devices. However, they quickly realized that this only protected the hardware, but didn’t defend their most sensitive asset – corporate data.

The company was experiencing a repeat problem with stolen credentials. Multiple staff members had their Active Directory credentials stolen so the CISO mandated that a comprehensive anti-phishing layer be implemented.

Conscious of the need for a phishing protection that extended to their recently adopted mobile platforms, the team also wanted to add protection against the threats they were most aware of on desktop PCs – malware.

”“The security hole that mobile had created became a real concern. We had a certain level of security provided by the EMM and built in with the OS, but you don’t have to look far to realize that this isn’t enough these days. We couldn’t stop our staff from accessing services via web browsers that carry malware or leak data. We lacked the visibility needed to achieve a superior level of security: visibility of the data itself.””

– James Hoggart, IT Systems Manager

Finally, in order to take a more proactive approach to threat prevention, the company wanted to have a content filtering solution on mobile that would allow them to stop access to malware-hosting app stores and unapproved IT resources, such as cloud storage providers, which they were instructed to manage as part of the company’s data loss protection strategy.

The company also needed real-time mobile data insights and analytics to check that every device is running the latest OS, isn’t communicating with any risky apps and websites and hasn’t been reconfigured by users trying to get around device permissions and inbuilt OS security.

Oil&Gas

Company profile

Wishing to remain anonymous, this multinational oil and gas company is headquartered in the US and has a large population of field workers that frequently travel to remote locations and high risk environments around the world. This company manages 8,000 corporate owned mobile devices, which are a mixture of Android and iOS smartphones and tablets.
The mobile devices are used by field staff to streamline business operations, to keep them connected with HQ and to act as a safety line. The mobile device provides critical business functionality, including the transfer of time-sensitive and confidential information to field workers and communications during time of emergency situations.

“Most of the security providers we looked at were limited in what they offer, only focusing on one area of mobile security like apps, or end point. Wandera is the only provider on the market that uses a cloud proxy to scan data in transit and has the added layer of on-device protection, so it leaves no stone unturned.”

– James Hoggart, IT Systems Manager

The solution

The IT team compared a number of solutions from leading Mobile Threat Defense (MTD) providers and chose Wandera because of its strong capabilities in all four areas of detection in Gartner’s Market Guide for MTD. Making the solution extra appealing were the powerful content filtering controls, operating through both the device and through a web gateway for mobile.

The IT team was also excited to hear Wandera offers content filtering for not only the apps but also the browser, making it easy to restrict entire categories that were known to carry risk.

Hoggart was pleased that Wandera would allow him to assess the company’s mobile risk exposure by identifying vulnerabilities on each mobile device, including those that could be dynamically triggered, like Semi-Jailbreak.

“Our security team love Wandera because they have a service that is managed by our mobility team but it has been built with security teams in mind. It maps to what they already know, so they essentially treat it as an extension of their desktop security program.”

– James Hoggart, IT Systems Manager

Wandera was able to produce a report on all out-of-date operating systems with a single mouse click – no digging through the EMM to produce complicated reports.

Wandera was deployed across the full device fleet within minutes using the company’s EMM. Thanks to the over-the-air integration between the solutions, it meant 100% deployment was achieved with no input at all required from employees. The service was then able to analyze mobile data traffic in real-time, which was immediately made available to the security team.

“The integration with our EMM is great. We’re able to take action through the EMM when Wandera picks up a risky Wi-Fi hotspot connection for example. We can just stop the mobile device from connecting remotely.”

– James Hoggart, IT Systems Manager

The results

Wandera now provides comprehensive protection across the company’s global mobile fleet. Wandera’s mobile intelligence engine, MI:RIAM, monitors for data traffic behaviour anomalies, vulnerabilities in the mobile device configuration and apps leaking data. The service also monitors for connections to open Wi-Fi networks as well as known bad networks, such as sites hosting malware or launching phishing attacks against employees.

With OS updates being released so frequently, the company can simply run a report through Wandera and take instantaneous action to ensure all devices are running the latest version so that sensitive data isn’t exposed to any vulnerabilities. Wandera not only identified outdated OSs, but also discovered that a number of devices were jailbroken, while others had risky settings configured (such as being open to third party app stores, allowing disabling of native app verification and device storage encryption on the device).

In the first six months following deployment of Wandera, it was discovered that 10% of the company’s employees were impacted by an approved travel service that was responsible for leaking credit card information along with login credentials. It was later found that this data leak had been exploited by an attacker to harvest employee credentials.

“It was incredible to see that even trusted apps were still leaving user information exposed.It was probably just an email and password in many cases, but people reuse personal passwords at work. Seemingly innocent, but an overlooked entry point into the corporate network.”

– James Hoggart, IT Systems Manager

The IT team was also pleased to see 30% of employees took proactive action almost immediately after receiving a Wandera alert of a new configuration vulnerability. This quick response by end users reduces the attack surface.

The company is also able to be proactive in enforcing compliance and security through Wandera’s content filtering service. It can prevent shadow IT and the use of unapproved cloud services that are a violation of the company’s acceptable use policy for any device, not just mobile.

1,400

sensitive PII leaks detected per year, with policies that block password leaks in real-time

600

connections to third party app stores blocked per year

2

An average of 2 connections per employee to unencrypted Wi-Fi hotspots per week

1,000

connections blocked per month to malicious or compromised domains

To learn more about how Wandera can help your business please click here to get in touch with a mobility expert.

Gartner Market Guide for Mobile Threat Defense Solutions 2018

“Beyond a unified endpoint management (UEM) security add-on, MTD is also used to address use cases such as mobile phishing, bring your own device, app vetting and compliance.”

Download now ›