On-demand VPN tunneling, blocking access to corporate resources, quarantining risky apps, and several other advanced protection actions are the subject of a new Symantec white paper that highlights what protections organizations can leverage to get the most value from their MTD solution. The paper argues that the most effective form of MTD today includes advanced actions that are:
- On-device: This allows them to be faster and provides constant protection, even when devices are disconnected from the Internet.
- Real-time: They can proactively thwart attacks, immediately and automatically when a threat is detected.
- Smart: They target the exact threat without impacting other resources or processes on a device; and they are activated on-demand (and turned off when not necessary).
As in a castle-and-jail security approach, many advanced protection actions can be used to either isolate (jail) threats on a device so they don’t persist and harm other resources, or to protect (castle) sensitive corporate resources from breaches or leakage. This approach helps organizations achieve a balance between security and productivity needs, something that has been challenging in a mobile security ecosystem that, as mentioned, has been largely confined by mobile OS structures.
Compared to the limited, reactive, and invasive actions utilized by most MTD solutions, advanced protection actions proactively and instantly defend against a broad range of mobile threats, from malicious apps and mobile phishing, to risky networks and MiTM attacks. They can protect corporate data without sacrificing user productivity and privacy, and without requiring an Internet connection. As shown in our example, advanced protection actions can also be layered, enabling organizations to effectively adapt their MTD to their security and privacy policies.