Individuals using smartphones and tablets tend to engage in activities that increase the risk of attacks on the business—for example, using social media sites to a greater degree or visiting web sites that may increase vulnerabilities, such as gambling or pornography sites. In addition, mobile devices are more vulnerable to loss or theft, which could put businesses in danger as someone outside the organization could access corporate data.
One of the other challenges with smartphones is that users tend to keep them on all the time, even when they are not in use, which further increases their vulnerability to attack. In 2012, Webroot Threat Research saw an exponential increase in Android-based malware threats (Figure 3). Through the end of January 2013, this included over 185K Android malware threats and over 200K Potentially Unwanted Applications (PUA). PUAs include commercial rooting tools, hack tools, aggressive advertising and data leakage apps. IT Admins may consider eliminating the PUAs as they have the potential to impact data loss or incur unwanted mobile usage fees.
For businesses, the security threats that come with increased mobility are not only real, but they are growing rapidly and can cause significant damage. One survey shows that a single breach costs an average of $214 for each compromised record, and the average major data breach event costs $7.2 million. That is damaging enough to put almost any sized company out of business. Coupled with their exploding growth, inherent weaknesses in smart devices are making organizations much more vulnerable to attack. This means organizations must take steps to ensure that personally owned and company-issued devices are as secure as every other endpoint device connected to the corporate network.
The Webroot Android SDK addresses the vulnerabilities of mobile devices by providing mobile management partners the ability to offer security for their customers. The Android SDK is a robust, UI-less mobile security solution providing partners full control over branding and user interface implementation. It features antivirus, antimalware, secure web browsing and URL filtering/content classification. The Android SDK is lightweight and efficient, utilizing very little memory and bandwidth, while maintaining minimal impact on battery life. A fully functional mobile security SDK enables better protection versus a simple blacklist approach that can be provided via cloud based App reputation APIs.
The Android SDK delivers advanced anti-malware detection powered by the Webroot Intelligence Network, the world’s largest and most advanced threat detection system. Deployment options allow for automatic application and file scans for viruses, spyware and Trojans. Antivirus security shields block malware before it has a chance to install.
Secure Web Browsing uses proprietary Webroot URL content filtering and web reputation databases to prevent users from connecting to malicious sites and phishing attacks. With secure browsing enabled, it will automatically scan web links and URLs to block fraudulent websites other harmful content. Partners also have the ability to filter content based on 85 categories such as gambling, pornography and social networking sites. The feature works with the standard Android browser or can be embedded within a partner’s browser.
Webroot provides all the tools necessary for partners to complete a simple SDK implementation into their solutions. Webroot partners are responsible for developing all UI components (client and management interface) using the Android SDK. The SDK solution consists of a Java Library, Sample App and documentation. The Compiled Java Library (JAR) is embedded in the partner’s app. The Sample App enables a partner to view how integration of the library could be completed. Documentation details all of the classes and interfaces of the library that enable management control of the settings. APIs allow for full management of all of the SDK security functions. For example, the partner can configure:
Once deployed, security definitions and the URL filtering database are hosted by the Webroot Intelligence Network. Definition updates and URL lookups are performed against the Webroot servers (Figure 4).