Content, Americas

NIST Updates Mobile Device Security Guide: What MSSPs Need to Know


The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) has released the "Mobile Device Security: Cloud and Hybrid Builds" practice guide to help organizations address mobile security dangers.

The guid should be of interest to MSSPs -- many of which already leverage NIST's cybersecurity framework for mitigating customer risk.

NCCoE's latest guide offers mobile security solutions to help organizations in the following ways:

  • Reduce risk to ensure employees can access enterprise data on any network, from any location and on any mobile device.
  • Ensure an organization can use bring-your-own-device (BYOD) and other mobile device deployment models to drive cost savings and increase flexibility.
  • Use cloud services to store and access corporate data without putting this information at risk.
  • Leverage identity and access management (IAM) services to simultaneously improve the user experience and enhance security.
  • Provide system administrators with visibility across an organization's mobile devices.
  • Integrate industry-standard mobile security controls.

In addition, the guide contains mobile device deployment descriptions and instructions to help system administrators and security engineers store and manage data. It also is built upon standards-based, commercially available cybersecurity products and can be used by any organization deploying mobile devices.

Check Point Report: Most IT Pros Ignore Mobile Threat Defenses

Fifty-nine percent of organizations said they have not deployed mobile security solutions that can detect mobile malware, fake or malicious apps, man-in-the-middle attacks and system vulnerabilities, according to the "2019 Security Report" from cybersecurity solutions company Check Point Software Technologies.

Furthermore, the Check Point report revealed only 9 percent of IT professionals cite mobile threats as "significant" security risks – despite the fact that malware and other cyberattacks can harm unprotected mobile devices on organizations' cloud- or on-premise networks.

How Can Organizations Keep Pace with Mobile Threats?

Organizations must understand mobile threats so they can take the necessary steps to address mobile attacks, Check Point indicated. They also must constantly explore ways to combat mobile threats.

MSSPs can offer mobile security services and insights to organizations, too. By doing so, MSSPs can protect organizations against mobile dangers both now and in the future.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.