Is Motorola’s New Patch Schedule Exposing Users to Security Threats?

It seems Motorola has decided that the extra work of keeping its Android devices up-to-date with the latest security patches is not important enough.

Motorola has just announced that it will not follow Google’s Android security update cadence.

Instead, the mobile company will only provide security updates to its smartphones when it is convenient for their development team. The reason is: “…because of the amount of testing and approvals that are necessary to deploy them, it’s difficult to do this on a monthly basis for all our devices. It is often most efficient for us to bundle security updates in a scheduled maintenance release (MR) or OS upgrade.”

This means that Motorola’s Android users are more exposed to security vulnerabilities than other mobile users, such as Google Nexus.

Mobile security is a top concern for many businesses. In the recent Cisco 2016 Annual Security Report, mobile security was identified as one of the top security defenses SMB are currently using.

However, the truth of the matter is that up until now, we haven’t heard that much about large-scale security incidents involving mobile devices. In fact, in the latest Data Breach Investigations Report from Verizon, security researchers from Verizon specifically mentioned that they did not even have enough data to support adding mobile attacks to their report.

Ransomware for mobile?

Ransomware may change this. As more cybercriminals consider ransomware as the go-to method for making money in the PC market, targeting the vast amount of mobile device users may be the next natural step toward increasing their revenue stream.

As more and more employees depend on their mobile device for their daily work, taking those devices hostage may be just as effective as taking employees’ PCs hostage.

Every day, new vulnerabilities are detected in mobile devices which may allow attackers to successfully run ransomware code that can breach the sandbox environment implemented by all modern mobile OS.

One example is the Accessibility Clickjacking vulnerability discovered by SkyCure some time ago. This Android OS vulnerability allows an attacker access to resources outside of the sandbox. It’s this type of vulnerability that is exactly what ransomware needs in order to encrypt all the files on the mobile device and effectively take it hostage.

Ransomware has a direct and quantified effect on both the user and the business; therefore, it may tip the scale toward the importance of securing mobile devices. A concerted effort should be made to ensure that the mobile device OS is up-to-date with the latest security patches—effectively blocking any attempt of leveraging known vulnerabilities and unleashing destructive attacks like ransomware.

Keep your systems protected with LANDESK Security Suite and don’t forget to check out our free white paper below.

Blog-CTA-Whitepaper-527x150

Mobility Management and its Role in Unified Endpoint Management

It’s an annual event that we look forward to at LANDESK, the release of the Gartner Magic Quadrants (MQ) for our various solutions.  For me, the Magic Quadrant for Enterprise Mobility Management Suites is special.  Not because of the days we invest preparing our response (it’s a lot of work), but the MQ gives an opportunity for those of us who live with these products day-in/day-out a chance to step back realize how fast this area of technology moves, and what it means to our customers.

It makes sense, when you think about it: Users exchange their mobile devices every 12-18 months, and that can cross two generations of smartphone models.  With that compressed lifecycle, and the evolution of functionality that comes with each new generation of device, keeping up with the technology is worthy of an annual assessment like the MQ.  Mobile, on its own (and that’s how the EMM Magic Quadrant is determined) is so dynamic, so when we see the MQ publication, we are always happy to see the market assessment aligning with big challenges our customers are looking for us to help them solve.

One of the biggest changes this past year has been the desire to consolidate the toolsets needed to manage everything users carry – from their laptop (and it could be Windows, Mac, etc.) to their smartphone/tablet/other (Android, iOS, etc.). The term is “Unified Endpoint Management”, and we have been hearing a lot from our customers about the desire for clients of all types (traditional and mobile) to be managed together in this way.  It enables user-centered IT management with huge efficiencies. This is the first time that UEM rankings have been part of Gartner’s Magic Quadrant criteria.

For the IT admin, it offers a single system for configuring and managing everything a user carries.  A truly integrated UEM solution, such as LANDESK Management Suite 2016, delivers this in such a way that make it super easy to see, configure and manage all the devices in a user’s portfolio, together and simultaneously.  For the end user, they can count on consistent access across the screens they use, because the policies are configured uniformly based on their role, not the device itself.  Simple, easy user management.

We don’t want to spoil the fun of reading the Gartner Magic Quadrant for Enterprise Mobility Management for yourselves, but we’re extremely proud of our inclusion and move into the “Visionaries” quadrant of the MQ (no vendor saw as significant a shift in the positive direction)!  We’re also honored to have been recognized for our Unified Endpoint Management approach, which leverages our historic strength in Client Management Tools, and brings EMM into the same LDMS product for a truly integrated solution.  Take a look Gartner’s assessments, then take a look at all the devices your users carry.  Do you have all the visibility you need to confidently manage it all?