AI in mobile devices raises enterprise security concerns: The integration of artificial intelligence (AI) into mobile devices presents new challenges for enterprise security leaders, particularly regarding data protection and management.
• Local AI engines have been released for Android phones by major vendors like Google and Samsung, as well as smaller players such as OnePlus and Xiaomi.
• Apple has announced its Apple Intelligence offering, set to be previewed in the fall.
• Mobile assistants like Alexa, Bixby, Google, and Siri, along with numerous apps, already utilize AI and large language models.
Current management limitations: Enterprise security leaders face obstacles in controlling AI engines on managed mobile devices, with varying degrees of success across different aspects.
• Local AI engines on Android devices cannot currently be managed through unified endpoint management (UEM) platforms.
• UEM vendors are uncertain about the management options for Apple Intelligence.
• OS developers and device manufacturers have not provided the necessary information for UEM vendors to implement configuration options for AI engine management.
Positive developments in AI assistant management: While local AI engines pose challenges, there is better news regarding the management of AI assistants on mobile devices.
• AI assistants can be disabled through UEM settings or by disabling the application itself, as in the case of Alexa.
• Security professionals should assess how AI assistants interact with business applications, messaging, and audio/video channels on both corporate and personal devices.
• UEM settings can be adjusted to limit the risk of business data leakage through AI assistants.
Mobile threat defense solutions: For applications that may collect and send data to third parties for processing, modern mobile threat defense (MTD) solutions offer valuable insights and control options.
• MTD solutions can analyze applications on mobile devices and identify where application data is being sent.
• Security teams can use this information to determine risk levels for apps and devices.
• Based on the risk assessment, security teams can:
– Disable access to corporate resources until risky applications are removed from bring-your-own-device situations.
– Apply UEM policies to disable risky applications on corporate devices.
Expanding mobile security landscape: The integration of AI into more applications and platforms necessitates a broader approach to mobile security.
• The range of threats targeting mobile devices is extensive and growing.
• Security professionals will need to implement additional controls to reduce the risk of sensitive data compromise.
• OS developers like Apple and Google, along with platform vendors, need to:
– Allow UEM platforms to implement policies on managed devices to limit corporate data collection by AI.
– Provide MTD vendors with greater insight to enhance mobile ecosystem security.
Call for industry collaboration: To address the evolving security challenges posed by AI in mobile devices, cooperation between various stakeholders is crucial.
• OS developers, device manufacturers, and UEM vendors must work together to create comprehensive management solutions.
• Enhanced communication and information sharing between these parties will be essential for developing effective security measures.
• The mobile security ecosystem needs to adapt quickly to keep pace with the rapid integration of AI technologies.
Future implications and recommendations: As AI continues to permeate the mobile landscape, enterprise security leaders must remain vigilant and proactive in their approach to data protection.
• Regular assessment of AI-related risks in mobile devices should become a standard practice for security teams.
• Organizations should stay informed about new management capabilities as they become available from UEM and MTD vendors.
• Developing a comprehensive mobile security strategy that accounts for AI-related risks will be crucial for protecting sensitive business data in the evolving technological landscape.