OPSWAT has launched the Gears mobile app for iPhone® and AndroidTM. The Gears platform already provides enterprise-wide monitoring and management for the security and posture of desktops, laptops, virtual machines and servers.
The addition of the mobile app now positions Gears to meet the needs of both consumers who want to improve the health and security of their mobile devices and organisations attempting to provide security and device attestation for an increasingly mobile workforce.
According to Adam Winn, Senior Product Manager for Gears, the app was designed in cooperation with some of OPSWAT’s largest customers in the financial services sector, a vertical where Bring Your Own Device (BYOD) adoption is complicated by regulatory compliance. He went on to say, “The ability to check the security state of BYOD devices is a missing piece of the security puzzle for many organisations, from small businesses to enterprises. Many MDM and EMM solutions solve the problem with a heavy hand, leading to low user adoption rates and distrust. By contrast, Gears works in total transparency, without the need for enterprise app stores, DEP, or other complex provisioning techniques. In this way, Gears benefits both individual users, as well as groups and companies looking to set simple policies that allow easy identification of infected, risky or vulnerable devices before they can cause problems.”
Winn was quick to emphasise that the Gears app is not a Mobile Device Management (MDM) solution, which he sees as a benefit when organisations are attempting to view all of their devices “under one pane of glass, with a focus on security. We set out to create a product that provides device visibility and security posture without difficult provisioning and administration. Conversations with our customers have revealed that managing and enforcing traditional MDM deployments have led to low coverage rates post-purchase, especially for personal devices, so our approach is to provide a unique alternative or supplement to a traditional MDM that allows the security of mobile devices to be managed alongside all the endpoints in the network. MDM still has a place, but there are situations where it simply doesn’t make sense – Gears now solves that problem.”
When asked about the inspiration for the app, OPSWAT’s CEO, Benny Czarny, said that “The notion of securing the corporate network is forever changed. Everything is moving to the cloud, so the posture of devices is much more important than it has ever been before. There is a direct connection between devices and data, and the key thing is to protect corporations from threats coming in, regardless of the device type or operating system. We cover five major platforms—Windows, Mac, Linux, and now Android and iOS. This consistency in visibility is very important to us. Ease of distribution was also a major focus during development. Simultaneous development against the policies of two app stores was a challenge, and we’re proud that the features in the mobile app are very consistent between the two operating systems.”
Czarny went on to discuss the challenges of enterprise mobile device security: “Mobile security settings are very advanced at this point, but the ‘human factor’ is where much of the danger lies. The best security settings in the world won’t help your network security if your employees don’t have a password for their tablet, or they don’t have remote memory wipe set up in case a phone is lost or stolen. I looked for apps that could meet this need and there was nothing! It’s a unique app, meeting a unique need in the market, and we’re excited to see what our customers do with it.”
Between the recent emergence of Stagefright 2.0 vulnerability, which is said to put over one billion Android devices at risk, the XcodeGhost malware, which is now thought to facilitate phishing for iCloud passwords, consumers are more aware than ever before of the need to secure their devices, but they often aren’t sure where to start. This is evidenced by data collected during the beta period for the Gears Android app, during which Winn reported that “30% of Gears beta users on Android devices didn’t have their devices password protected. That really surprised us, and it emphasises the need for a tool that can detect both basic and advanced security settings. The Gears mobile app gives those new to mobile security the ability to make sure that the basics, like password protection, are taken care of, while providing enough advanced features to keep infosecurity buffs happy as well.”
How does it work?
Designed for unmanaged and personal devices, the app performs a rapid audit of common security settings and provides a report including numeric scores for security and health status, information on issues with the device, and clear instructions on how to remediate any problems. The app also provides detection for common mobile security risk factors, including rooted or jailbroken devices, unset passwords, and lack of storage encryption – features that often require the deployment of an MDM.
In addition to the configuration checkup mentioned above, it offers a unique take on malware detection by looking at the actual IP addresses a device is connected to, where they are located, and if they are identified as suspicious by any of the twelve IP reputation sources provided by Metascan Online, OPSWAT’s free online anti-malware multi-scanning service. Connections to suspicious IP addresses can be an indicator of potential malicious intent, including data theft and unwanted tracking.
According to Winn, IP reputation assessment can also be helpful in identifying connections to command and control servers from a compromised device, a common symptom seen after a vulnerability like Stagefright or XcodeGhost is exploited.
Download Gears to Secure and Manage your Devices
The Gears app is now available to download for iPhone and Android. For businesses and other groups, the app provides easy integration with existing management features of Gears, which are free for up to 25 devices with subscriptions available from 26 to 100,000+ devices. A device can be associated with an account for monitoring simply by entering a unique registration code; no profile or certificate is required.
In the very near future, scanning for infections is planned for the Android app, where Android package files (APKs) will be scanned against the 40+ anti-malware engines in Metascan Online, bringing the app into alignment with the features currently available in Gears for Windows and Mac.