August 7, 2017

min read

Game on: Mobile Security Heats Up

I've been inspired recently by the increasing number of CEOs and government officials I meet who now fully embrace a "mobile-first, cloud-first" strategy. Mobility has not only changed the way we live, it's become the cornerstone of our day-to-day working lives. We use our smartphones every day to check email and social media, while also reviewing customer records and other sensitive financial data. Mobile technology has been so engrained in my day-to-day that I'm often surprised to find others just catching on.

Last month, one of the legacy security giants, Symantec, announced it had entered into an agreement to acquire Skycure to "provide customers with comprehensive, cross-platform Mobile Threat Defense." In essence, Symantec has discovered the opportunity that Lookout identified a decade ago: to secure mobility so that individuals and businesses can confidently embrace its benefits.

Security for the post-perimeter era

Virtually every enterprise today employs a firewall to enforce 'perimeter' security. To use an analogy, think of a firewall as a brick wall around a building, equipped with a gate and a 24-hour security guard. The guard allows only authorized personnel to enter the building and searches all packages upon entering and leaving. Everything inside the wall is considered secure while unauthorized personnel and suspicious packages are denied access.

But what if people can work from anywhere they want and circulate packages amongst themselves?  What good is that security guard in this scenario?

The mobile-first, cloud-first world is essentially the IT equivalent problem. As applications transition to the cloud, the traditional network perimeter becomes hard to define. Authorized users can be anywhere, accessing applications on cloud-hosted, infrastructure-as-a-service (IaaS) platforms, such as AWS and Microsoft Azure, or Software as a Service (SaaS) delivery models. Less enterprise traffic passes through perimeter firewalls as the modern enterprise transitions to a borderless model.

In this "post-perimeter' era, more users access the internet from mobile devices than from desktops and laptops. Corporate data migrates from the safety of a private data center to the cloud and, in some cases, the pockets of employees. Untrusted apps run alongside trusted apps on devices connecting via dangerous public Wi-Fi networks. Smartphones and tablets become ground zero for a wide spectrum of risks that include malicious targeted attacks, a range of malware families, non-compliant apps that leak data, and vulnerabilities in device operating systems or apps.

A new approach to enterprise security is needed.

A data-driven, comprehensive solution

Today there are billions of mobile devices in use, comprised of thousands of device types and OS versions, along with millions of apps being constantly updated...all generating hundreds of billions of data points. Today's CISOs know that security solutions must evolve to keep up with this increasingly complex ecosystem. To be effective, modern security solutions must look beyond a single device, server or application and perform analysis across a global dataset. Lookout's global network consisting of more than 100M mobile devices, 40M apps and machine-learning models uniquely qualifies us to identify newly sophisticated and targeted threat activity with scale and precision.

Game on

When a sleeping giant like Symantec suddenly wakes up and says, "We have to get into that market!" it serves as market validation that helps our market grow. It drives more customers to make buying decisions, creates buzz, and stirs the interest of partners, analysts, and press. While we welcome the company, we'll make sure we maintain our frontrunner position the same way we always have - through constant innovation.

It's a good time to be in mobile security.