Cisco Systems

Business Driver: Zimperium Mobile Threat Defence


Business faces numerous conundrums when allocating resources that improve employee productivity and enhance the customer experience. Sales staff revel in their ability to work in the field and act more responsively to client requests. Many customers prefer the self-service approach to supply-chain management that enables online ordering and real-time ordering and inventory requests. This effectively increases the “surface area” that an organisation’s IT professionals must patrol and protect. Analysts like Ponemon and Gartner have identified mobile device security as a core threat that must be addressed to further mitigate security risks.


According to Chief Security Officer (CSO) Magazine mobile threats can be divided into seven key threat vector subsets;


Data Leakage and Data Loss Prevention


Losing sensitive data either inadvertently as a result of error or from a direct threat like malware or a targeted hacking attack risks reputational damage and possible financial loss. To counter this threat the deployment of mitigation measures that protect users from themselves and orchestrated threats can reduce or eliminate the potential threat.


Social Engineering


After nearly two decades of intense scrutiny and harsh lessons, 91% of cybercrime begins with a simple email. For those in the field accessing digital assets, distractions can limit even the most security conscious employees from practicing good security. Clicking on a bad email link that eluded the spam filter happens, irrespective of security awareness training provided by diligent employers. Mobile devices provides a vector through which Enterprise can still be compromised, in spite of IT administrator’s best efforts to mitigate these risks.

Value Proposition: Zimperium Mobile Threat Defence


Diligently protecting mobile devices is vital to protect every link in the Enterprise computing chain against compromise. The mobile device landscape is challenging and requires safeguards that are unique to the types of endpoints management and their employees are using. Further complicating the mobile device ecosystem is the widespread adoption of bring your own devices (BYOD) that fall outside (in many cases) security policy enforcement. Anecdotal evidence suggests that 60% of endpoints within an organisation are mobile which represents a pervading threat that must be mitigated. To meet the unique threats posed by the mobile landscape it’s a critical determinant that organisations justify the added overheads required to protect mobile endpoints;


Detect Compromise


Identify the breach and notify IT administrators


Anomalous Behaviour


Analyse application behaviour for malicious or unusual patterns




Block surveillance or data interception attempts


Authorise Access


Block unsanctioned attempts to commandeer microphone or camera


Wi-Fi and Access Points


How many times have you accessed “free” wi-fi in the last year? For security savvy professionals the likely answer is never. If you believe the vendor research, nearly one quarter of devices have connected to insecure network connections or have had data intercepted with targeted “man-in-the-middle” attacks.


Un-patched Mobile Software


Application and security updates for mobile devices is a hit-and-miss affair at best. Leading vendors take their responsibilities seriously and enforce a solid security regimen upon their devices. This applies to IOS and Android based machines that must meet compliance standards before they gain admission to an organisation’s corporate assets. Bad policy and BYOD have muddied the waters and require intensive oversight to ensure compliance with policy and good practice.


Hijacking Devices for Nefarious Purposes


Every device with a network connection poses a potential risk if they are commandeered by malignant entities for illicit purposes. Most people are aware of the more common threats like capturing a PC’s camera or hacking a home router but compromising a mobile phone to be press-ganged into mining crypto-currency seems unlikely and laughable. It’s already happened. If there is a way to steal resources, criminals will find a way to exploit any and all mobile device weaknesses.


Password Breaches


An ongoing, seemingly insurmountable challenge.


Physical Security


Unprotected mobiles can still be found across every Enterprise. Not setting a PIN or storing inappropriate data insecurely on mobile devices still occurs in spite of relentless training and the most rigid policy settings.




Stop “phishing” attempts




Block attempts to compromise end user and corporate privacy


Support IOS and Android Devices and Applications


One application that protects 95% of mobile devices


Product Overview – Zimperium’s Mobile Threat Defence


Zimperium’s Mobile Threat Defence mobile device protection suite protects mobile devices using Android and IOS operating systems. The product range is optimised for Enterprise environments and complement other existing safeguards by focussing solely on mobile security safeguards.


The organisation offers a broad range of mobile risk measures including;


z9 – Machine Learning


Lightweight, low-latency on-device mobile security that was designed specifically for iOS and Android mobile deployment. z9 uses machine learning to proactively detect and prevent threats


zIPS – Mobile Device Technology


Mobile Threat Defence detects and prevents intrusion and provides mobile threat forensics to assist administrators mitigate and prevent intrusion


Z3A – Mobile Application Analysis


Automated Application Analysis that provides detailed audits and insights into published apps


zIAP – Software Development Kit (SDK) suit z9


Beef up the security of your applications by embedding security safeguards directly into your own mobile apps


Links and Resources