January 12, 2021
Be The Master of Your Encryption Keys
Over the past decade, we’ve seen a massive shift towards relying on cloud technologies for everything we do, from watching TV shows and movies to sharing photos. Organizations have done the same. To increase efficiency and availability, they have moved their data and workloads to the cloud. But in a world of expanding threats, it has become necessary to implement additional layers of security for cloud data, applications and services to ensure privacy remains a top priority.
Lookout has always focused on delivering a privacy-centric mobile security offering in the cloud. With the Lookout Security Graph, we leverage the world’s largest dataset to automatically detect and secure threats without needing to inspect users’ content. We also ensure that all of our customers’ data is encrypted. We encrypt data when it is at rest and we use end-to-end encryption when data is in transit both internal to our Security Graph and externally.
We know that certain organizations are looking for an extra layer of security for cloud services like Lookout. Some of you are faced with persistent internal and external threats, as well as strict regulations that need to be met. For example, certain financial institutions or government organizations need to have the highest protection of their keys used to encrypt their data. There may also be requirements to store encryption keys locally. That’s why we are enhancing our security offering with Lookout Cloud Key Security.
Why do I need control of my own encryption keys?
With control over your own encryption keys, you can have the peace of mind that your sensitive data can never be accessed or controlled by anybody else, including personnel from Lookout and the cloud service provider. This is especially helpful for organizations that are faced with certain challenges and regulations and need to limit access to encryption key rights to an absolute minimum and handle data within a specific region.
For example, this can help you meet regulatory or compliance requirements related to cloud services. It will also provide additional security if you’re at risk of being targeted by sophisticated and persistent internal and external threats or are worried about government subpoenas.
Introducing Lookout Cloud Key Security
Just as you’d have a key to lock up your valuable physical assets in a safe deposit box at a local bank, we’re offering the same for organizations with especially sensitive data. With Lookout Cloud Key Security, you control the encryption keys that will be used to encrypt and decrypt personally identifiable information (PII), such as email addresses and mobile device management (MDM) credentials.
Lookout Cloud Key Security users can encrypt their sensitive data with encryption keys that are specific to their organization. These keys are stored in tamper-resistant FIPS 140-2 Level 3 Hardware Security Modules (HSMs), providing the highest level of security against internal and external threats. For an additional layer of security and control, customers can request their keys to be stored in specific regions or countries, rotated or even destroyed.
What we’re especially proud of is that, not only does Cloud Key Security give organizations enhanced security and control, it also has zero impact on the mobile security we offer to end users. We wanted to ensure that you have an additional layer of security without having to slow down critical cloud operations.
An extra layer of protection for your data
Cloud data security and privacy has always been top-of-mind for us. That’s why Lookout has gone through rigorous processes to ensure our entire infrastructure is secure, so we can continue to provide industry leading mobile security. Most recently, we met the stringent requirements for the FedRAMP Joint Advisory Board (JAB) Provisional Authority to Operate (P-ATO).
With Cloud Key Security, we’re thrilled to bring an additional security offering to the Lookout Security Platform. Not all organizations will be looking to manage their own encryption keys. But if you’re looking for an extra layer of protection for your sensitive data, Lookout Cloud Key Security is a cost-effective solution that has no impact on your mobile security experience.
Book a personalized, no-pressure demo today to learn:
- How adversaries are leveraging avenues outside traditional email to conduct phishing on iOS and Android devices
- Real-world examples of phishing and app threats that have compromised organizations
- How an integrated endpoint-to-cloud security platform can detect threats and protect your organization