Mobile devices are increasingly essential to business operations, whether you’re in manufacturing, healthcare, retail or the public sector. But as a result of their proliferation and increased importance, mobile devices are also seen as legitimate attack vectors by adversaries.
Increasing Device Security Concerns
Secure endpoints are essential for any organization to protect against a wide variety of threats, especially when the enterprise has limited control over the technology that enters the workplace due to the growing number of employee-owned devices. Those in charge of security need to know that the devices that connect to the network are trustworthy.
Developing a Multilayered Security Strategy
To gain that trustworthiness, a multilayered security strategy is required, with security built into all layers, from the hardware to the software that runs on it.
One vital element of multilayered security for mobile devices is the ability to perform remote attestation. Remote attestation is a method by which a device authenticates its hardware and software integrity to a centralized service, such as a mobile device management system, to gauge its trustworthiness. It works as an additional authentication metric to ensure that the desired application has loaded and that its integrity is intact.
In the Samsung Knox security platform, remote attestation is performed in the ARM TrustZone within the Trusted Boot layer, typically before the Knox Workspace application is invoked. The Trusted Boot mechanism reads measurement data collected from the attestation agent placed on the device and uses it to produce a verdict on the overall status of the attestation. It does this by comparing the collected measurement data with the factory values held securely within the TrustZone Secure World. Among other things, attestation checks that the device hasn’t been tampered with and that no malicious software is loaded onto it. Through remote attestation, any unauthorized changes made to a device can be identified, so organizations can be sure that no protection measures have been circumvented.
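The measure, compare and verdict flow described above, as an added illustration that is not Samsung Knox code or its API: a simulated device signs its measurements together with a service-issued nonce, and the service compares them with reference values and fails closed on any discrepancy. The component names, digests, key, and the HMAC standing in for a hardware-backed signature are all assumptions constructed for this example.

```python
import hashlib
import hmac
import json

# Constructed reference ("factory") digests; real values come from the vendor.
FACTORY = {
    "bootloader": hashlib.sha256(b"bootloader-v1").hexdigest(),
    "kernel": hashlib.sha256(b"kernel-v1").hexdigest(),
    "system": hashlib.sha256(b"system-v1").hexdigest(),
}
DEVICE_KEY = b"constructed-demo-key"  # stand-in for a hardware-backed signing key


def sign_report(measurements, nonce, key=DEVICE_KEY):
    """Device side (simulated): bind the measurements to the service's nonce."""
    body = json.dumps({"m": measurements, "nonce": nonce}, sort_keys=True).encode()
    return {"body": body, "tag": hmac.new(key, body, hashlib.sha256).hexdigest()}


def verify_report(report, expected_nonce, reference=FACTORY, key=DEVICE_KEY):
    """Service side: return (verdict, reasons); any doubt yields FAIL."""
    want = hmac.new(key, report["body"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(want, report["tag"]):
        return "FAIL", ["bad signature"]
    data = json.loads(report["body"])
    if not hmac.compare_digest(data["nonce"], expected_nonce):
        return "FAIL", ["stale or replayed nonce"]
    reasons = []
    for name, digest in reference.items():
        got = data["m"].get(name)
        if got is None:
            reasons.append(f"missing measurement: {name}")
        elif not hmac.compare_digest(got, digest):
            reasons.append(f"mismatch: {name}")
    # Components with no reference value are also treated as unauthorized.
    reasons += [f"unexpected component: {n}" for n in data["m"] if n not in reference]
    return ("PASS" if not reasons else "FAIL"), reasons


if __name__ == "__main__":
    nonce = "a1" * 16  # constructed; a real service issues a fresh random nonce
    print(verify_report(sign_report(dict(FACTORY), nonce), nonce))
    modified = dict(FACTORY, kernel=hashlib.sha256(b"kernel-modified").hexdigest())
    print(verify_report(sign_report(modified, nonce), nonce))
```

The nonce check is what stops a previously valid report from being replayed after the device has changed.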
The Growing Need for Attestation
The use of remote attestation is growing in popularity as mobile workers continue to be a factor in the vast majority of workplaces. It will help organizations that continue to maintain BYOD or CYOD policies, where they have limited control over the devices that are brought into the workplace, because it provides assurances around the basic integrity of the device.
In the future, attestation could prove to be invaluable in ensuring the integrity of an ever-growing number of embedded devices that form part of the Internet of Things, which will span everything from industrial automation to smart consumer devices and even cities. Devices that were previously simply mechanical or analog will become interconnected, increasing potential attack surfaces considerably. The ability to perform remote attestation is fundamental to ensuring that apps loaded on devices have not been compromised and the environment they’re running on is safe and secure.