WHITEPAPER. Lookout Mobile Endpoint Security for App Risks

Similar documents
Finding GDPR non-compliance in a mobile first world

BETTER Mobile Threat Defense (BMTD)

MaaS360 Secure Productivity Suite

WHITEPAPER. How to secure your Post-perimeter world

Symantec Endpoint Protection Mobile - Admin Guide v3.2.1 May 2018

CloudSOC and Security.cloud for Microsoft Office 365

Best Practices in Securing a Multicloud World

Office 365 Buyers Guide: Best Practices for Securing Office 365

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

SIEM: Five Requirements that Solve the Bigger Business Issues

CLOUD REPORT LITTLE CHANGE IN GDPR-READINESS LEVELS WITH MAY 2018 DEADLINE LOOMING. 24.6% of cloud services rated high on GDPR-readiness

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security

CipherCloud CASB+ Connector for ServiceNow

WHY MOBILE SECURITY SHOULD BE IN YOUR TOP PRIORITIES

Teradata and Protegrity High-Value Protection for High-Value Data

Lookout Mobile Endpoint Security. AirWatch Connector Guide

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

MOBILE SECURITY OVERVIEW. Tim LeMaster

AKAMAI CLOUD SECURITY SOLUTIONS

Lookout Mobile Endpoint Security Console Administrator s Guide

Altitude Software. Data Protection Heading 2018

Asset Discovery with Symantec Control Compliance Suite WHITE PAPER

CA Security Management

ForeScout ControlFabric TM Architecture

2016 BITGLASS, INC. mobile. solution brief

1 Introduction Requirements Architecture Feature List... 4

with Advanced Protection

Deploying Lookout with IBM MaaS360

Run the business. Not the risks.

McAfee epolicy Orchestrator

Securing Office 365 with SecureCloud

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Lookout Mobile Endpoint Security. Deploying Lookout with BlackBerry Unified Endpoint Management

MOBILE THREAT PREVENTION

THALES DATA THREAT REPORT

Securing Your Most Sensitive Data

mhealth SECURITY: STATS AND SOLUTIONS

10 FOCUS AREAS FOR BREACH PREVENTION

Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

Have breaches declined since the massive Heartland Payments leak in 2008? What proportion of breaches are the result of hacking?

locuz.com SOC Services

Secure Access for Microsoft Office 365 & SaaS Applications

DIGITAL TRUST Making digital work by making digital secure

21ST CENTURY CYBER SECURITY FOR MEDIA AND BROADCASTING

AT&T Endpoint Security

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

Quick Heal Mobile Device Management. Available on

Express Monitoring 2019

IBM Security Guardium Analyzer

Introducing MVISION. Cohesive Cloud-based Management of Threat Countermeasures and Devices Leveraging Built-in Device Controls. Jon Parkes.

SIEMLESS THREAT MANAGEMENT

Symantec Endpoint Protection Family Feature Comparison

Zimperium Global Threat Data

Spotlight Report. Information Security. Presented by. Group Partner

Automating the Top 20 CIS Critical Security Controls

What is Penetration Testing?

Securing the SMB Cloud Generation

Make security part of your client systems refresh

Mastering The Endpoint

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

Wayward Wi-Fi. How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk

White Paper. How to Write an MSSP RFP

Maximum Security with Minimum Impact : Going Beyond Next Gen

McAfee MVISION Mobile Threat Detection Android App Product Guide

2018 Edition. Security and Compliance for Office 365

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0

Mobile Devices prioritize User Experience

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

McAfee MVISION Cloud. Data Security for the Cloud Era

Sustainable Security Operations

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE

Understand & Prepare for EU GDPR Requirements

A Mobile Security Checklist: The Top Ten Threats to Your Enterprise Today. White Paper

Technical Evaluation Best Practices Guide

eplus Managed Services eplus. Where Technology Means More.

Converged security. Gerben Verstraete, CTO, HP Software Services Colin Henderson, Managing Principal, Enterprise Security Products

Implementing Your BYOD Mobility Strategy An IT Checklist and Guide

Stopping Advanced Persistent Threats In Cloud and DataCenters

Integrated McAfee and Cisco Fabrics Demolish Enterprise Boundaries

IBM Cloud Internet Services: Optimizing security to protect your web applications

Enterprise Mobility Management Buyers Guide

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Enterprise Mobility Management

The Gartner Security Information and Event Management Magic Quadrant 2010: Dealing with Targeted Attacks

GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ

Enterprise Security Solutions by Quick Heal. Seqrite.

CyberArk Privileged Threat Analytics

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

Digital Forensics Readiness PREPARE BEFORE AN INCIDENT HAPPENS

6 Ways Office 365 Keeps Your and Business Secure

Deploying a Next-Generation IPS Infrastructure

FOR FINANCIAL SERVICES ORGANIZATIONS

Security and Compliance for Office 365

Imperva Incapsula Website Security

Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

Next-Gen CASB. Patrick Koh Bitglass

MOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner

Transcription:

WHITEPAPER Lookout Mobile Endpoint Security for App Risks

The emerging risk around leaky and noncompliant mobile apps As organizations are increasingly embracing mobile devices in the workplace, mobile apps have become the primary way that data is accessed and transmitted on these devices. More and more, organizations are allowing employees to freely download mobile apps without having any visibility into what those apps are actually doing on the device. This is common practice for organizations looking to enable mobile productivity in the workplace, but with it comes new risks that are often not addressed. Moreover, organizations are now building their own in-house apps for their employees. The development of these apps is often outsourced to independent software vendors who typically assemble these apps from existing code libraries, rather than building them from scratch. These existing code libraries may contain vulnerabilities, risky, or even malware. These apps do not go through any official app store vetting process and therefore could result in potential data loss or compliance violations if not thoroughly checked before full distribution to employees. In order for organizations to be able to fully embrace the use of cloud and mobile, enterprises need to apply the appropriate security controls to their mobile fleet. Mobile threats, vulnerabilities, risky and configurations are now a known enterprise risk and can lead to loss of sensitive corporate data and compliance risk. The same compliance policies applied to fixed endpoints now need to be applied to mobile endpoints. CASE STUDY A Lookout customer used Lookout to discover that their mobile app, which was developed by an independent software vendor (ISV), enabled location data. This was a privacy concern for their employees. After running the app through Lookout, they contacted the ISV to remove that feature. How are app risks different from mobile threats? Mobile Threats: As more sensitive data is accessed on mobile, attackers are targeting this platform to steal sensitive data. Lookout Mobile Endpoint Security identifies mobile threats as targeting these primary attack vectors: app-based threats, network-based threats, and device-based threats. Gartner defines Mobile Threat Defense (MTD) as being composed of the following features: application scanning and risk, network security and protection, behavioral anomaly and configuration detection and vulnerability assessment and management. App Risks: Some ios and Android apps are not malicious threats, but they can exhibit sensitive or contain vulnerabilities, violating security or regulatory requirements around data loss of an organization. Lookout provides comprehensive visibility into these app risks within an organization s mobile fleet, enabling admins to monitor and set policies against apps that are at risk of violating internal and regulatory requirements. According to Gartner, Mobile App Reputation Services (MARS) products evaluate the risk and reputation of individual apps hosted in public stores As Gartner recently published, MARS is converging with MTD and will likely not remain a stand-alone market. Technical professionals evaluating MARS products should favor MTD products that include MARS. 1 1 Gartner Compare EMM Security Ecosystems to Make a Strategic Selection, Andrew Garver, May 2017 1

In the spectrum of apps, there are harmless apps on one end and malicious apps on the other. However, there is a grey area of apps in the middle of this spectrum that are not outright malware, but violate the security posture of the organization or specific industry/regional regulations like GDPR. Mobile Endpoint Security for App Risks With the prevalence of free mobile apps, we see now more than ever that user data has become the new currency. Developers are selling any data they ve collected via these grey area apps to data brokers, ad networks, and other third party vendors - leaving your No sensitive Some sensitive Malicious employees and possibly your organization s data at risk. Sensitive mobile app ACCESS TO SENSITIVE DATA Apps that access sensitive corporate or employee data, including PII DATA EXFILTRATION Apps that upload sensitive data to external servers DATA SOVEREIGNTY VIOLATIONS Apps that violate data sovereignty regulations or send data to risky geographies USE OF CLOUD SERVICES Apps that access cloud storage providers, social networking services, or peer-to-peer networks INSECURE DATA HANDLING Apps that don t use proper encryption when storing or sending data VULNERABILITIES Applications with known vulnerabilities 2

How does Lookout mitigate these risks? Lookout believes that risk is in the eye of the beholder. An app that may be risky for one financial services organization may be perfectly tolerable to a construction firm based on their security policy. As such, we do not provide subjective risk scores to each app (e.g., this flashlight app is 86/100 risk ). Rather, we provide visibility into the app capabilities in the context of an organization s overall fleet of applications, allowing the admin to make simple, actionable decisions about the apps on employees mobile devices. When a risky app is found, the admin has the ability to blacklist that app directly from the console. However, blacklisting one-off apps each time does not scale, as apps may update to new versions as much as 10 times per year. Custom policies to manage app risk at scale With this in mind, Lookout enables admins to blacklist app by setting custom policies, with flexible remediation actions using your MDM. This effectively reduces the need to manually vet each application while still preventing data leakage. Organizations can set custom policies to protect enterprise data from malicious threats and data leakage, strengthening their ability to meet internal and regulatory compliance requirements for their mobile endpoints. Lookout s natively developed MTD + MARS solution called Lookout Mobile Endpoint Security provides security professionals with a single dashboard view across their spectrum of mobile risk, allowing enterprises to quickly identify any areas of concern. App access on ios enterprise devices: 30% the address book 31% the calendar 75% the camera 30% the GPS 39% the microphone 43% of apps connected to Facebook 14% of apps connected to Twitter 3

Features of Lookout Mobile Endpoint Security for App Risks Risky apps dashboard: A central dashboard to view all apps on your network. Example: The dashboard tells you that 15% of the apps in your fleet send contact data externally. App risk monitoring at scale: Apply filters to all the apps in your fleet, allowing an admin to quickly hone in on risky app capabilities across all the apps in your mobile fleet. Example: Show me all ios apps that both access contacts AND connect to cloud services like Dropbox. Custom policies for risky apps: Save those filters as policies and assign a risk level to violations of that policy. Example: As an admin, I want to prohibit apps that send calendar data overseas, and need to notify my employees of these policy violations. A comprehensive MTD + MARS solution Mobile security technologies of today should integrate with existing mobile management solutions. Lookout integrates with MDM/EMM solutions, as well as SIEM solutions, to allow enterprises to easily set up policies and protect their mobile fleet. Lookout Mobile Endpoint Security for App Risks seamlessly integrates with Lookout s existing threat protection capabilities, enabling admins to both monitor and set actionable policies against apps at risk of violating internal or regulatory requirements. Our massive dataset of over 40 million apps provides the visibility that admins need in order to set policies that protect corporate data against leakage in the most scalable and effective manner. Lookout empowers your organization to adopt secure mobility without compromising productivity. App blacklisting: Once I identify that an app should not exist on my network, I can place that app in a blacklist and use my MDM to remove the app from the network. Example: I ve identified a flashlight app on a small number of ios devices that is too aggressive with data collection, and I want to blacklist that from my network. Enterprise app review: For custom apps that I build, I can upload that app into Lookout to analyze for risky and malware. Example: We ve just built an HR app for employees and I want to make sure the developer didn t use any components with malicious code. 1-888-988-5795 lookout.com 2017 Lookout, Inc. All rights reserved. Lookout, the Shield Logo, and Everything is OK are registered trademarks of Lookout, Inc. All other brand and product names are trademarks or registered trademarks of their respective holders. 20170810-Lookout-USv1.0 4

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback