Security firm Lookout has launched what it is pitching as a new class of mobile security management tool for businesses that have started to struggle with the limitations of orthodox Mobile Device Management (MDM) systems.
Called Mobile Threat Protection and based on a SaaS service, it offers a number of more complex security features, including the ability to protect against and manage side-loaded apps (from in-house or non-authorised app stores), stop users from rooting or jailbreaking Android or iOS devices, and detect apps that contravene security policies.
Lookout also claims it can do all of this without imposing a security load on admins by, for example, asking users to suspend suspect apps themselves. If they don’t comply, a device simply becomes untrusted and no longer has access to VPNs or containers on the device holding business data.
Admins are informed but manual intervention is kept to a minimum.
According to Lookout, MDM no longer cuts it as a security layer on its own because the priority of such systems is merely to manage, track and provision them as data-holding devices in a convenient way.
It is possible to reach out and wipe them if they are lost or stolen but advanced security features are usually few and far between. Mobile Threat Protection does, however, integrate with two leading MDM systems for practicality’s sake – AirWatch by VMware and MobileIron – so it is intended to be complementary rather than competitive.
“In bringing Lookout’s predictive security model to large enterprises, we seek to close the gap in an enterprise’s security strategy that results from simply managing mobile devices, not securing them,” said Lookout’s vice president of products, Aaron Cockerill.
“As mobile devices become the predominant productivity tool in the enterprise and the number of devices in an organisation multiplies, CISOs are being left in the dark as to the risks that these devices introduce.”
Cockerill agreed that while mobile malware might not yet be at PC levels – Verizon suggested as much in its report on the topic some weeks ago – large enterprises still had to contend with small amounts of targeted mobile malware. The popularity of Apple devices among board-level members made that platform a growing target for cybercriminals, he said.
“The most likely targeted attack in the next year is likely to be around iOS devices in large enterprises. We don’t know to what extent that will even be publicised.”
According to Lookout, generalisations about mobile malware miss the point that it is the small amount of serious malware that is doing the damage. In a study looking at a selection of 25 Fortune 500 firms, it had found 50 serious pieces of mobile malware per 1,000 devices, a much higher percentage than in the general population.
“We are in the 2010 or 2011 time frame when you compare [mobile] to the sophistication of PC threats.”
Threats on iOS are being distributed using bogus enterprise certificates that make them look genuine, something that used to be hard to pull off. “These days it takes 15 minutes and Apple can’t keep up,” said Cockerill.
“The user has no way of understanding [whether an app is malicious] from the interaction. They are told to press ‘trust’. Once they’ve pressed trust the developer can install an app that can do anything. They can do some really nasty stuff.”
“Apple does an awesome job at stopping malicious apps getting into the app store. But enterprises have conditioned their users to accept sideloading.”
Lookout Mobile Threat Protection will be available from June 30.