Menlo Security, a leader in cloud security, today announced an industry first by extending its cloud-based Secure Web Gateway (SWG) to include web isolation for mobile devices. This new offering is designed to eliminate the threat of malware and phishing attacks when users are accessing the internet and email from their smartphones and tablets.
Mobile device usage continues to grow in the enterprise and the security risk has increased accordingly:
- Browser vulnerabilities: Web browsers are increasingly being used to access new applications and cloud resources. This makes web browsers a significant target for attackers to exploit and gain a foothold in the enterprise. Recent research published by Menlo Labs showed how 83 percent of browsers were not patched within 30 days by enterprises after a Chrome update. Because mobile browsers are updated less frequently than desktop browsers, Menlo Labs anticipates the same problem with mobile devices. Two recent bugs fixed by Apple and Google on their web browsers that were actively exploited in the wild are leading indicators of the increasing focus on mobile browsers.
- Phishing: According to industry research1, the surge in remote work has increased mobile phishing attacks by 37 percent globally and 66 percent in North America alone. The report found that unmitigated mobile phishing threats could cost organizations with 10,000 mobile devices as much as $35 million per incident, and up to $150 million for organizations with 50,000 mobile devices.
- Malicious document download: Malicious file downloads on mobile devices are another area of risk. File-based threats are occurring with greater frequency and higher success rates as threat actors have continued to hone and adapt their social engineering and spear phishing skills to fit today’s trends, including the use of mobile browsers. Consider that hundreds of millions of users are now working remotely and relying on Software as a Service (SaaS) platforms and rich web apps to improve mobility and productivity. As a result, mission-critical files and documents increasingly live outside the corporate firewall, unprotected by the organization’s security policies and controls.
Because mobile devices make it difficult to identify the tell-tale signs of a malicious email or link, Menlo Security developed a mobile security solution that can protect work wherever it happens, regardless of device or location, while securing remote employees accessing the web using home networks.
The new mobile isolation offering provides the same benefits of Menlo Security’s traditional isolation solution for desktop computers, including Data Loss Prevention (DLP), read-only phishing protection, and download controls. Additionally, all links sent in mobile applications will be opened in the default browser where there are read-only protections.
“Mobile devices and browsers are an enticing target for cyber attackers looking to exploit zero days and conduct socially-engineered phishing attacks, yet in many organizations, mobile security is treated like a second-class citizen,” said Nick Edwards, Menlo Security’s vice president of product management. “At Menlo Security, we’re committed to securing work where it happens, and our mobile isolation capability extends the same protection for the PC to smartphones and tablets, securing today’s modern workforce.”
The Menlo Security Secure Web Gateway with Isolation Core solution supports Apple iOS, Apple iPadOS, and Google Android operating systems and will integrate directly with the default Safari, Chrome, and Samsung browsers.
About Menlo Security
Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email. Menlo Security’s isolation-powered cloud security platform scales to provide comprehensive protection across enterprises of any size, without requiring endpoint software or impacting the end user-experience. Menlo Security is trusted by major global businesses, including Fortune 500 companies and eight of the ten largest global financial services institutions, and is backed by Vista Equity Partners, Neuberger Berman, General Catalyst, American Express Ventures, Ericsson Ventures, HSBC, and JP Morgan Chase. Menlo Security is headquartered in Mountain View, California. For more information, please visit www.menlosecurity.com.
12020 Lookout Mobile Phishing Report