Menlo Security is extending its cloud-based Secure Web Gateway (SWG) to include web isolation for mobile devices. This new offering is designed to eliminate the threat of malware and phishing attacks when users are accessing the internet and email from their smartphones and tablets.
Mobile device usage continues to grow in the enterprise and the security risk has increased accordingly:
- Browser vulnerabilities:Web browsers are increasingly being used to access new applications and cloud resources. This makes web browsers a significant target for attackers to exploit and gain a foothold in the enterprise. Recent research published by Menlo Labs showed how 83 percent of browsers were not patched within 30 days by enterprises after a Chrome update. Because mobile browsers are updated less frequently than desktop browsers, Menlo Labs anticipates the same problem with mobile devices. Two recent bugs fixed by Apple and Google on their web browsers that were actively exploited in the wild are leading indicators of the increasing focus on mobile browsers.
- Phishing:According to industry research[1], the surge in remote work has increased mobile phishing attacks by 37 percent globally and 66 percent in North America alone. The report found that unmitigated mobile phishing threats could cost organisations with 10,000 mobile devices as much as $35 million per incident, and up to $150 million for organisations with 50,000 mobile devices.
- Malicious document download:Malicious file downloads on mobile devices are another area of risk. File-based threats are occurring with greater frequency and higher success rates as threat actors have continued to hone and adapt their social engineering and spear phishing skills to fit today’s trends, including the use of mobile browsers. Consider that hundreds of millions of users are now working remotely and relying on Software as a Service (SaaS) platforms and rich web apps to improve mobility and productivity. As a result, mission-critical files and documents increasingly live outside the corporate firewall, unprotected by the organisation’s security policies and controls.
Because mobile devices make it difficult to identify the tell-tale signs of a malicious email or link, Menlo Security developed a mobile security solution that can protect work wherever it happens, regardless of device or location, while securing remote employees accessing the web using home networks.
The new mobile isolation offering provides the same benefits of Menlo Security’s traditional isolation solution for desktop computers, including Data Loss Prevention (DLP), read-only phishing protection, and download controls. Additionally, all links sent in mobile applications will be opened in the default browser where there are read-only protections.
‘Mobile security is often an afterthought for Australian organisations when it comes to cybersecurity, and cyber attackers are aware of this and use it to their benefit,’ said Stephanie Boo, Menlo Security’s APAC vice president. ‘At Menlo Security, our mobile isolation capability offers the same protection no matter how you are working – PC, tablet or smartphone.”
The Menlo Security Secure Web Gateway with Isolation Core solution supports Apple iOS, Apple iPadOS, and Google Android operating systems and will integrate directly with the default Safari, Chrome, and Samsung browsers.