Solved

Security concerns & risks assessment of Mobile Iron Email+ in Android or iDevices

Posted on 2016-07-28
1
15 Views
Last Modified: 2016-07-29
Anyone can provide risks assessments for the following & the mitigations:

Mobile Iron Email+ residing in Android or iDevices
0
Comment
Question by:sunhux
1 Comment
 
LVL 61

Accepted Solution

by:
btan earned 500 total points
ID: 41732950
Assess threat based on device and apps exposure impact the information stored, in transit and in use. You will need the vendor to confirm on the applicable capability to reduce the exposure WITH additional apps install though I stated some brief one just for a start...

Threat - Data leakage/breach, Risk - loss of information confidentiality & integrity
>MobileIron Email - Encapsulate Email apps from other personal apps, Segregate Email information from other apps access, Encryption on device and Apps VPN (using AppsTunnel) for end to end protection

Threat - Mass infection, Risk - loss of information confidentiality & integrity & Availability
>MobileIron Email - Leverage on existing device AV or protective s/w for real time malware and compromised device state (e.g. jailbroken/rooted) detection, backend content filtering based on Enterprise email exchange AV scan before sending to device, apps are pushed down from MI trusted AppStore (signed apps)

Threat - Unauthorized Access, Risk - loss of information confidentiality & integrity
 > MobileIron Email - MI agent for MDM and MAM controls for customized email apps "watch over" based on policy usage and enable audit trail for proactive monitoring on any anomalous email usage activities, strict policy include login credentials for multi-user and enforce 2FA (if available)

Threat - Loss of device or device theft, Risk - loss of information confidentiality & availability
> MobileIron Email - MI agent for MDM and MAM controls for remote wipe of apps and device for selective information stored in the device or ext storage. At all times data at rest are encrypted.
1

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
This video is in connection to the article "The case of a missing mobile phone (https://www.experts-exchange.com/articles/28474/The-Case-of-a-Missing-Mobile-Phone.html)". It will help one to understand clearly the steps to track a lost android phone.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now