Samsung Research America was concerned the 1,200 mobile devices employees connected to its corporate network might leak critical intellectual property to spies or criminals. To offset this worry from becoming reality, the company integrated advanced threat prevention with the mobile device management (MDM) and SIEM platforms Samsung Research America was already using.

Their approach yielded immediate results, detecting and removing more than 20 pieces of malware already installed on users’ mobile devices.

Read the full story….

Securing Devices in the Wild

Samsung Research America, a subsidiary of Samsung, creates new technologies that give Samsung its competitive edge in the global consumer-electronics market.  Protecting Samsung Research America’s intellectual property (IP) against industrial spying and criminal attacks is Job 1 for Steven Lentz, director information security.

Unprotected mobile devices presented Lentz with a big problem. Employees in R&D, HR and legal departments routinely work on product plans and other proprietary IP using about 800 corporate-owned and 400 employee-owned smartphones and tablets. “Mobile devices don’t operate behind a security infrastructure like corporate PCs, laptops, and servers do,” said Lentz.

Needing a strategy to secure all these mobile devices, Lentz developed some requirements:

  • Prevent mobile devices from leaking data
  • Prevent email phishing and other cyberscam tactics
  • Block compromised devices from accessing the corporate network, applications, and sensitive data
  • Prevent clean devices using Android and iOS operating systems from being compromised
  • Integrate advanced threat prevention with the mobile device management (MDM) and SIEM platforms

In tackling his challenges, Lentz zeroed in on a mobile security solution that defends against threats on mobile devices, in apps, and on networks including phishing via emails, text messages, and browser downloads. In the process, he was able to:

  • Correlate and analyze devices, applications, and network information in the cloud to deliver real-time threat intelligence
  • Integrate his mobile security solution seamlessly with VMWare AirWatch mobile device management (MDM), Splunk security information and event management (SIEM) platforms
  • Prevent data leakage
  • Keep devices safe from infection
  • Prevent data leakage
  • Safeguard clean devices again infection
  • Gain visibility into mobile threats
  • Automate security policy enforcement

On its first day in service, the advanced mobile security component found three embedded pieces of malware on employee devices. Next, it caught more than 20 different kinds of malware already on Samsung’s mobile devices. When the solution identified a new threat, it notified security administrators and quarantined infected devices. After threats were eliminated from mobile devices, the mobile security solution reestablished connectivity with corporate networks and assets. All in all, the new solution found five percent of Samsung Research America’s enrolled devices had been infected with credential stealers, keyloggers, mRATS, and unauthorized root kits.  “So far, we have been 100 percent protected with coverage for both iOS and Android devices,” said Lentz.

“Our users don’t have to worry about our security solution because it’s invisible,” said Lentz. “We’ve seen high adoption and satisfaction from employees and contractors because it’s easy to register for the software, it respects their privacy, and it runs quietly in the background.”

Lesson learned: Proactive mobile security that uses multiple layers of defense is Samsung’s key to securing corporate data and intellectual property from attacks through smartphones and tablets.