Post-SolarWinds Action Plan For Enterprise IT

The Securities and Exchange Commission’s new 4-day rule and its recent indictment against SolarWinds and its CISO usher in a new reality for enterprise IT and cyber security teams.  Inside this new reality, enterprise organizations must harden their mobile applications against malware and other attacks, and prepare their enterprise apps to detect and respond when hacking, malware, and threats emerge in their mobile workforce. 

Appdome offers enterprise organizations a centralized compliance platform for Enterprise IT and security teams to build, deliver, monitor, and respond with over 300+ unique Android & iOS defenses automatically, without source code, coding or SDKs. Contact us to learn more!

The SolarWinds attack came from malware installed on an unmanaged mobile device connected to a VPN.

As detailed in the SEC complaint, the attack against SolarWinds came from malware installed on an unmanaged mobile device connected to a VPN. Via this malware, the attackers launched a series of escalating attacks against the SolarWinds corporate servers without being detected.  

Action Plan #1 – Add malware detection features and harden mobile applications against malware exploits

CISOs, as well as Enterprise IT and Cybersecurity teams should add malware detection to enterprise mobile apps to prevent corporate VPN and other applications from operating when malware is present on enterprise devices.

Cybersecurity pledges apply to all parts of the enterprise infrastructure, including mobile apps.

The SEC made it very clear that customers, investors and others should hold organizations, and their enterprise IT and cybersecurity teams, responsible for meeting the standards set out in public cybersecurity pledges and other statements. Enterprise IT teams should adopt technology and platforms that allow continuous compliance with these standards in the workplace apps used by employees and others.  

Action Plan #2 – Adopt technology that allows enterprise IT to meet public cyber security standards, without any dependency on internal or external engineering resources.

Need Help
Protecting a
Mobile Enterprise
Android or iOS App?

Deploy Continuous Threat Exposure Management for Mobile Apps & Users

The SEC also made it clear that SolarWind’s cybersecurity posture left it blind to the source, scale and impact of the attack. To this end, they claimed SolarWinds was “reckless” or “negligent” in knowing. Enterprise organizations should ensure they can monitor and respond to threats as they arise in mobile apps and devices (without any dependency on UEM, MAM as most users are not enrolled in these systems).   

Action Plan #3 – Add RASP and other defenses into enterprise and workplace apps so that they can detect and respond to malware attacks autonomously, i.e., without relying on UEM or MAM enforcement.

Everything Enterprise IT and Security Teams Need to Protect Mobile Workforce Apps with Ease

Zero Complexity, Enterprise App Security Choices

Quickly and easily protect all mobile apps used by employees, consultants, contractors or partners with any combination of security, encryption, MiTM, app management and remote access protection features, including leading UEM, MAM and MDM vendors. No code or SDK required.

Learn More >

Public and Private Appstore Distribution

Enterprise app developers can build enterprise compliance ready Android and iOS apps fast and distribute these mobile apps on the Apple App Store, Google Play, other public app stores, or private enterprise app stores. Reach all employees, contractors and partners with secure mobile apps with ease.

Learn More >

Secure Remote Access for Mobile Apps

Enterprise IT and Security Teams must protect enterprise resources, data and network integrity. Appdome helps these same professionals support all forms of remote access for Android and iOS apps including UEM, MDM Tunneling, Per App VPN, Azure App Proxy, TLS, SSL, Bot defense with no extra gateway.

Learn More >

Watch the video to learn what the modern mobile first, work-from-home workforce expects from mobile apps used for work.

Appdome video Secure Mobile Apps Now
Play Video

Search Appdome Solutions

Search
Blog Post 4 Reasons Existing Waf Anti Bot Solutions Fail To Protect Mobile

4 Reasons Existing WAF Anti-Bot Solutions Fail To Protect Mobile

Traditional anti-bot solutions, like Web Application Firewalls (WAFs), struggle to protect against most mobile-based attack vectors, resulting in significant blind spots in organizations’ API defenses, highlighting the need for advanced mobile-specific bot defense solutions.