Government
Support
Contact
Login

Trellix Login Trellix Hive Developer Portal Marketplace
Search

Clear | Search Tips

Quick Links

Why Trellix? | Products | Advanced Research Center | Newsroom | Blogs
Change Language

Australia (English) Brasil (Português) Canada (English) Canada (Français) Deutschland (Deutsch) España (Español) France (Français) Hong Kong (English) India (English) Italia (Italiano) 日本 (日本語) 대한민국 (한국어) México (Español) Singapore (English) United Kingdom (English) United States (English)

PLATFORM CAPABILITIES

Trellix XDR Platform

Strengthen your security posture and protect your organization with confidence.

Trellix Wise

Your sixth sense for security, Trellix Wise is GenAI to solve your toughest security operations challenges with hyper automation.

PROFESSIONAL SERVICES

EDUCATION AND TRAINING

Trellix Thrive

Make the most of your investment in Trellix’s industry-leading cybersecurity technologies.

RESEARCH

Latest Research Blogs

Get the latest cybersecurity trends, best practices, security vulnerabilities, and more.

Latest Report

Trellix’s Advanced Research Center highlights insights, intelligence, and guidance gleaned from multiple sources of critical data.

Get Started

Take a Product Tour Request a Demo Cybersecurity Assessment Contact Us

What Is Mobile Device Management?

Definition MDM vs MTD Owned Devices Best Practices Request a Demo

Mobile device management and mobile threat detection are the two most common types of mobile security solutions and offer complementary features. This article summarizes the two types of technologies and why both of them are important in defending mobile devices from digital threats.

As mobile devices have become ubiquitous, employees are increasingly using them for work as well as personal activities. They use their mobile phones and tablets to read emails, share files, access client information, use mobile applications (work and personal), and video chat with colleagues.

While mobile devices improve employee productivity, they also pose a security risk. Mobile devices face numerous security threats, including:

Insecure or fraudulent wireless access points
Email-based mobile phishing campaigns
Malicious applications masquerading as legitimate applications
Device and data theft

How does MDM and MTD compare?

Mobile device management (MDM) and mobile threat detection (MTD) solutions provide security for mobile devices, but use different, and complementary, techniques. Both MTD and MDM operate with a client app on the mobile device and a server- or cloud-based management application.

Below are the features of each type of mobile security solution:

What is MDM?

Mobile device management provides basic security management of the device and enforces security policies. Some of the core functions of mobile device management are:

Enforcing consistent security management policies on devices
Updating equipment, applications, functions, and policies
Monitoring equipment and application performance
Tracking equipment and status (e.g., location, status, ownership, and activity)
Providing device remote diagnosis and troubleshooting
Remotely wiping files from a stolen or lost device
Auditing for regulatory compliance
Encrypting email and files
Creating separate and secured environments for work and personal device use

What is MTD?

Mobile threat detection products focus on network- and behavior-based threats. For instance, an MTD solution can detect man-in-the-middle attacks over Wi-Fi or identify suspicious device behavior. MTD is designed to detect malware and potentially harmful mobile applications as well as mobile phishing attacks. It can also remediate issues in a variety of ways, including the termination of a connection if it identifies a problem. At a more technical level, a mobile threat detection solution can:

Monitor a device’s configuration and system parameters and look for suspicious activity, such as the modification of system libraries
Check the integrity of Secure Sockets Layer (SSL) connections and website certificates and deactivate suspicious connections
Diagnose applications that may be “leaking” user data and detect potentially malicious apps through reputation scanning, code analysis, and malware filtering

Together, MTD and MDM solutions provide strong security for mobile devices and the network and applications that they access.

Protecting mobile security on employee-owned devices

Employees often use their own devices to access work applications and data. To make matters worse, employees may also use these unsecured devices over public wireless networks. This combination puts an organization’s network and data at risk of malware infection and data breaches.

Privacy concerns are one reason employers may not include employee devices in an organization’s security management program. However, most MDM and MTD solutions can separate the work applications and data of a mobile device from the personal side. With this firewall between the two, there is less risk of infringing on employee privacy.

This division is accomplished through user roles or personas that define the user’s access privileges to work applications and data. For example, a C-level executive persona may provide one set of privileges and application access, while personas for payroll managers, marketing specialists, and sales people may provide different access rights and resources. Personas operate either in containers—lightweight environments that share the device’s operating system and resources—or in virtual machines that split the device’s resources in half and may run different operating systems. An IT department can create and manage a work persona on one side of the device while leaving the other side for personal activities. When an employee leaves an organization, IT can wipe the work persona clean without affecting other content or settings.

Mobile device management best practices

In addition to implementing MTD and MDM security solutions, organizations can improve the security of their mobile devices by following these best practices:

Create a custom app store. When employees download apps from public sites, they may gain malware in addition to the app. Employers can eliminate this threat by creating a custom app store with only “clean” apps that the IT department vets, and by preventing downloads from other sites.
Develop a security policy for devices. Create a policy for employee-owned devices that includes strong password requirements and encryption.
Implement automated device management. Deploy MDM and MTD solutions and implement personas to separate work data from personal activities.
Provide virtual private network (VPN) software. Limit exposure to public Wi-Fi networks by installing VPN software on devices that need access to sensitive data.
Increase employee awareness. Remind employees of prudent security practices and require regular training on security best practices. Employee carelessness is often the cause of data breaches, so employee education is important in improving security.

While mobile devices will continue to be a target of cyberattacks, IT organizations can significantly reduce their risk by implementing mobile device security through good security practices and up-to-date security software. A combination of mobile threat detection and mobile device management provides maximum protection for data and applications while giving employees the benefits of mobile devices.

Explore more Security Awareness topics

View Endpoint Security Topics View All Security Awareness