The expression, “better safe than sorry,” used to be confined to our online activities from our PCs in terms of making sure we had great anti-virus software and our definitions were up to date. However, with the advent of smartphones and tablets, the admonition about having the right protection has taken on a new meaning. And, as my colleague Rich Steeves noted in an article about Android malware recently, native device protection may give you a false sense of security as to how well you really are protected from the bad guys.
In the previous article, the focus was on the protection from malware that is achievable from Kindsight, a majority-owned subsidiary of Alcatel-Lucent (News - Alert), via a solution that is network-based. The good news here is that it is proactive and reactive in terms of dealing with threats. It enables customers to have improved peace-of-mind, and mobile operators a real leg up in providing their customers significant value-added. The better news is that the solution has some new capabilities that are impressive.
Where it fits and how it works
Before getting to what’s new, the simple way to understand the solution is through the graphic below.
Source (News - Alert): Kindsight
The Kindsight Mobile Security solution sits in the network and manifests itself as an app on your personal device. It provides protection from malware coming across the network, customer alerts and a wealth of network security analytics for operators to help them ensure customers rely on the apps they rely on to be safe and secure.
“Our mobile security solution is unique because it combines network-based detection and alerting capabilities with a mobile security app to detect more malware sooner which enables mobile operators to provide a truly differentiated service to consumers,” said Brendan Ziolo, vice president, marketing at Kindsight (News - Alert). “With these new features, our mobile security offering allows our mobile operator partners to provide a level of protection that is unsurpassed on the market today.”
Jeff Wilson, principal analyst, security at Infonetics (News - Alert) noted, “There’s a lack of consumer understanding of mobile device vulnerabilities and threats…By deploying early threat detection in their networks and complimentary security apps on mobile devices, mobile operators can offer a complete mobile security solution to their subscribers and differentiate themselves from their competition.”
The graphic below shows what one the detection of a suspicious app would look like on your phone.
Enriching the platform
Ziola makes and interesting point about the solution being “unsurpassed.” The reason comes not just for the existing functionality, but from several enhancements that have been added.
Building upon the existing network-based malware detection capabilities of the Kindsight Network Intrusion Detection System (NIDS-8800), Kindsight Mobile Security uses patent-pending techniques to infer the malicious apps that have infected the device. It does so by comparing activity detected in the network with suspicious apps on the device.
That is just the beginning. Here are the new capabilities.
Network platform identifies suspicious apps:
- When mobile malware is detected in the network, subscribers are not only alerted, but also are shown which infected apps to remove.
- Protection is provided subscribers against new mobile malware before device-only security apps can provide it.
Network platform blocks infected devices:
- Infected devices are blocked from communicating with C&C servers and hackers are prevented from stealing data or launching attacks.
- Solution can be configured to put infected devices into walled garden or prevent access to the network.
Mobile app added anti-theft features:
- Find & Locate Phone (News - Alert): Subscriber can log in to mobile operator’s website to find phone’s whereabouts and/or sound an alarm
- Remote Lock & Wipe: Users can lock device by setting passcode or wipe personal data when phone is stolen or lost
As Ziola told TMCnet, this blocking capability can be configured to put infected devices into a walled garden or prevent them from accessing the network. Given the explosion of BYOD in enterprise, this is a capability that is sure to capture the attention of IT professionals.
As a user I particularly like the new anti-theft features. Putting theft aside, let’s be honest, who hasn’t lost their phone? To call it stressful would be an understatement. Thus, having the ability to use the Web to find it and sound an alarm to locate it is useful. This is true even if you just left it someplace in your house but can’t remember where.
The remote lock and wipe function, enables us to lock the device by setting a new passcode or wipe personal data when the phone is stolen or lost. Not to sound too paranoid, but for most of us, especially those who sync religiously, that device contains our lives, including the most sensitive of sensitive information. Even if we back it up, knowing that it could be in the wrong person’s hands and that they can get at it is a nightmare scenario that can now be avoided.
The business end of things
Kindsight Mobile Security can be deployed by mobile operators as a white-labeled solution. Kindsight says it can be a platform for launching new value-added services under the operator’s own brand. They also point out that such services can be offered for a monthly fee to generate new revenue or by using a freemium model where some functionality is offered for free and the subscriber can upgrade to the premium features for a fee.
At the end of the day, the mobile service provider, even if we did not purchase the phone directly from them, is the throat we wish to choke. Given competitive pressures, and high churn, and the fact that mobile operator customer service is whom we are going to call, the value of Kindsight may be as important to the operators as it is to us customers. Having improved visibility into malware from both a device and network perspective when devices are behaving badly, and being able to remediate issues, is non-trivial.
As Ziola noted, “Device only protection is not enough. Even the best of the anti-virus programs, including if you have several, cannot keep up with the bad guys in as timely a manner as we can. Mobile operators are the only ones who can combine network-based and device-based security, and thus are in a position to provide true differentiated value.”
I would be remiss in closing if I did not mention that a visit to the Kindsight Security Labs part of their site while sobering is worth it. If nothing else the data and resources that can be accessed should give you more than just of bit of food for thought.
Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO Miami 2013, Jan 29- Feb. 1 in Miami, Florida. Stay in touch with everything happening at ITEXPO. Follow us on Twitter.
Edited by Brooke Neuman