Anti-Virus programs for mobile devices

I am attempting to put together a policy for mobile devices at my work.  This would include:

  • Laptops (Windows/Apple)
  • Apple - Ipads
  • Android Tablets

Phones, I can have the users login to the guest wifi for their cell phones but our tablets and such will need to be connected to out corporate wifi network.  It seems that in the near future different mobile devices will integrated with the corporate productivity and we will need it in order to stay competitive.

Question1:  Where are some legitimate anti-virus programs for mobile devices?

Question2:  Are these mobile anti-virus program necessary or not yet?
      a.  I would rather be proactive instead of reactive.

Question3:  What do you think about separating the work applications from the personal applications on a mobile device?
     a.  https://www.pulsesecure.net/products/#pulse-workspace
     b.  Its an interesting concept of putting your work related apps in a container that does not allow for cross contamination from other applications on that mobile device.


I wonder what other businesses are doing and what may be recommended?
LVL 1
PkafkasNetwork EngineerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AlanConsultantCommented:
Hi,

1) I have used Lookout mobile security for many years (maybe ten, certainly more than five) - it has always worked well, and never caused any issues on my phones.

2) Not sure how critical it is, but I figure I might as well leave it on my phone.  I only install from Google Play, so that reduces my risk (not zero of course), and I rarely install any new applications, and if I do, I research them a lot ahead of installing, so I reduce my risk that way too.

3) I don't like this.  I prefer to tall staff they must not install applications onto work phones.  If they want to use their own phone, then go right ahead.


Hope that helps,

Alan.
0
PkafkasNetwork EngineerAuthor Commented:
what about if they have a tablet?
0
AlanConsultantCommented:
Hi,

I have not used it on a tablet, but I cannot see why it would make any difference.

Thanks,

Alan.
0
Become a Certified Penetration Testing Engineer

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Eoin OSullivanConsultantCommented:
Focusing specifically on the Apple iPads ... there are NO antivirus or anti-malware tools for iOS.  The Apple iOS eco-system of apps is very tightly controlled and Apple doesn't allow any on their app store.

On Android there are a few antivirus tools available in the Google Play Store but I'd not be able to comment on which is the best or most stable.

The real issue here is you need a unified system to manage all these Mobile Devices .. if there are more than 15-20 devices then you should probably look at a Mobile Device Management system (MDM) .. there are several out there but the biggest ones are
VMWare Airwatch  - https://www.air-watch.com/solutions/
IBM Maas360 - https://www.ibm.com/security/mobile/maas360/mobile-device-management
several others too - http://www.techradar.com/news/software/business-software/7-mobile-device-management-solutions-you-need-to-know-1252969

All these have a per-device per month charge of a few $$ but they allow you to manage all the devices, install apps, lock and block apps from being installed, remote erase or wipe in the event of theft/loss and  can support BYOD (Bring Your Own Device)  where the employee can use their personal phone or tablet and you install corporate apps in a wrapper on their device and can manage and erase that data if they leave  while still allowing them private use of their device.

To be honest it sounds like you need an MDM solution  to cover all devices and not some ad-hoc system got laptops, ios and android tablets.

Pulse Secure is basically a MDM Solution but it wouldn't be ranked in the top 5 in terms of market share - just because it has the word 'Secure' in its name doesn't make it the most secure ;-)
https://www.itcentralstation.com/products/comparisons/pulse-connect-secure_vs_vmware-airwatch
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
PkafkasNetwork EngineerAuthor Commented:
You see I think the pulse secure options allows for the separation of:

- Work related applications
- Non Work related applications

By the way, some of the devices (Tablets or Smart Phones) are personal devices.  it would be wrong to restrict abilities on someone's else's personal property.  That just happens to be used for work reasons as well.

in communicating with the Corporate network.  That way if a user is using a personal laptop or phone or mobile device they can still install any application that they may want ESPN Zone or whatever the case may be.  But the work related apps are protected and are the apps that are able to communicate with the corporate network.  That way the user can still use his device for whatever he wants and it will not affect the business.

Even is we had an Apple Ipad at work we could designate which applications can be used for work purposes and the rest are irrelevant.  Even if the Ipad becomes compromised the work related applications would not get compromised.  It would provide a piece of mind.

Thank your feed back everyone.
0
PkafkasNetwork EngineerAuthor Commented:
The clarification of the real issue was done by Eoin OSullivan.  I had my own opinion as well what direction to go from there.
0
Eoin OSullivanConsultantCommented:
All the MDM providers I listed AirWatch/MaaS360 and others all offer the same application wrapping feature .. It is NOT unique to Pulse.

Bear in mind that the app-wrapping does not 100% isolate your apps from other apps on the device.

I'd STRONGLY recommend you compare Pulse with the other providers before choosing one that best meets your needs.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
iOS

From novice to tech pro — start learning today.