May 16, 2017
Lookout Unveils The Mobile Risk Matrix
San Francisco, CA - May 16, 2017 - Lookout, the global leader in securing mobility, today unveiled the Mobile Risk Matrix, a framework illustrating the array of mobile risks across app, device, network, and web & content vectors, to help enterprises accurately identify, assess and secure their mobile workforce. Within the framework, Lookout provides new insights on the prevalence of enterprise mobile risks pulled from the Lookout Security Cloud, a massive data set of mobile code from existing enterprise and personal customers. In conjunction with the new framework, Lookout announced a series of new features and business solutions to increase customer security coverage across these mobile risks.
“With the rapid adoption of mobile within the enterprise, CISOs must now bring desktop-level security to a new set of risks that are specific to this evolving endpoint. The spectrum of mobile risk is designed to help enterprise CISOs understand and prioritize the security concerns they must address on mobile devices,” said Aaron Cockerill, Lookout chief strategy officer. “We understand that each CISO’s risk profile is unique based on enterprise and industry requirements, but every CISO requires visibility across the entire mobile risk spectrum. Enterprises need to understand and prioritize these risks to make simple, actionable decisions, and implement solutions that enable them to embrace mobility, with the peace of mind that their enterprise data is secure.”
The growing adoption of mobile in the enterprise has allowed for increased flexibility and productivity. However, due to this shift, mobile devices have rapidly become ground zero for a wide spectrum of risks that includes malicious targeted attacks to devices and network connections, a range of malware families, non-compliant apps that leak data, and vulnerabilities in device operating systems or apps. According to a recent Gartner report, “Security and risk management leaders face an ever-increasing assortment of security threats to multiplatform, mobile and personal devices amid increasingly chaotic work styles. (1)”
To enable CISOs to understand the spectrum of mobile risk they need to detect and protect against, Lookout has released the “The Spectrum of Mobile Risk: Understanding the full range of risks to enterprise data from mobility." This whitepaper provides enterprises with the definitive standard for measuring mobile risk with new visibility into the prevalence of threats, software vulnerabilities, and behaviors & configurations. Key insights from the new Lookout Spectrum of Mobile Risk whitepaper include:
- Mobile malware continues to be a problem on Android: Malicious mobile apps can do many nefarious things, including steal information, physically damage devices, and monitor a user’s or organization’s activities. Over the course of six months, Lookout found that on average, 47 out of 1000 Android enterprise devices encountered an app-based threat.
- OS vulnerabilities are still a concern based on OS update rate: Mobile devices are plagued by a number of known vulnerabilities, which are patched on a regular basis with OS updates pushed by the device manufacturer. As of April 14th, looking at over 1M of Lookout consumer devices, just 43% of users had updated their iOS operating systems to or above version 10.3, leaving user devices open to security vulnerabilities patched by Apple in later updates. On Android, specifically on the Samsung Galaxy S6, 92% of Lookout personal users had yet to update their OS to the latest version (Android 7.0 - Nougat).
- Employees continue to jailbreak/root their devices: Device risks can stem from employees using mobile devices they have jailbroken or rooted, or something as simple as not enabling a passcode on a device. Lookout found that one in 1000 of enterprise iOS devices are jailbroken while five in 1000 of enterprise Android devices are rooted.
- App behaviors may lead to violations of corporate policy: Sensitive app behaviors can lead to problems such as leakage of enterprise data that the app can access. This can pose a significant compliance risk for enterprise security policies or industry regulations. Across the Lookout iOS enterprise device network, 30% of apps access contacts, 30% of apps access GPS, 31% access calendar, 39% access microphone, 75% access camera. From a social interaction perspective, 43% connect to Facebook, and 14% connect to Twitter.
- Enterprise employees are sideloading applications, specifically on iOS: Due to the ability for most users to “sideload” apps onto their phone, Lookout sees a consistent incidence of malicious applications and sensitive app behaviors appear on our enterprise customers’ devices. Over the course of 6 months, Lookout found that on average, 11 in 100 iOS devices sideloaded an application.
"After seeing an uptick of mobile attacks across industries, it became clear that we would have to integrate a mobile security solution with our existing systems to protect apps and sensitive data being accessed by the thirty-thousand mobile devices in our environment," said Constantinos Amiridis, IT strategist, City of Stockholm. "We chose Lookout because the solution offers comprehensive protection against the full spectrum of mobile risks."
As companies across the globe continue to adopt mobile to increase productivity, Lookout is constantly innovating to provide customers with the most comprehensive security solution available. As of today, Lookout Mobile Endpoint Security customers will now be able to:
- Understand application interactions with social media: Many apps connect to social networks to share information or simplify authentication, creating additional risk to an organization by adding vectors where confidential company information could be leaked. Lookout continues to expand Mobile Endpoint Security for App Risks, now enabling customers to gain visibility into iOS apps that use social media networks including Twitter, LinkedIn, Facebook, Weibo, and Instagram. In addition to providing admins with visibility into potentially non-compliant app behaviors, Lookout allows admins to create policies that automatically alert to the presence of apps that violate corporate policy.
- Gain insight into secure and insecure data handling: Lookout scans every mobile app across all devices in an organization and surfaces information to the admin if the device is not using best practices for securing data-in-transit or at-rest. Lookout offers this feature for iOS apps using App Transport Security (ATS) as a measure of whether the iOS app is securing data in motion appropriately. On Android, Lookout reveals app network connections that do not use encryption. Lookout uses a similar criterion to determine whether an app properly secures data at rest, such as checking if an app maintains unencrypted files after the device boots. For in-house developed apps, admins can upload their app to the Lookout console, and the app will be analyzed for these vulnerabilities, alongside other behaviors.
- Increase visibility into out-of-date OS and configuration risks: Lookout Mobile Endpoint Security will now give admins visibility into devices running an out-of-date operating system on iOS, as well as if a new version is available. On Android, Lookout will inform the admin which Android security patch level version each device is running. Lookout also provides visibility for a new set of configuration risks, including when Developer Mode is enabled, USB debugging mode is enabled, encryption is disabled, downloading apps from unknown sources is allowed, apps that have admin privileges, or lock screen is disabled.
- Enhance risk remediation capabilities via integrations with enterprise solutions: In addition to taking advantage of the new features in Lookout Mobile Endpoint Security, admins can now integrate with existing enterprise management or security systems using the Lookout Mobile Risk API to manage threats centrally, obtain visibility quickly, and take a remediation action immediately. To correspond with the launch of this API, Lookout has developed out-of-the-box connectors to leading SIEM systems, enabling security professionals to view Lookout threat events and metadata in these SIEM systems in real time.
To provide mobile risk protection to users beyond enterprise customers, Lookout will also expand network protection to Personal Premium and Personal Premium Plus customers. The new feature, Safe Wi-Fi, will enable users to feel secure when connecting to Wi-Fi on their mobile devices, and be alerted with step-by-step instructions on what to do when a network in use is under attack. Safe Wi-Fi will be available this summer on both iOS and Android.
To learn more about Lookout Mobile Endpoint Security, visit Lookout.com.
(1) Gartner Predicts 2017: Endpoint and Mobile Security, John Girard, Dionisio Zumerle, Brian Reed, Peter Firstbrook, Bart Willemsen, 16 November 2016
The analyzed data came from a large global subset of Lookout personal and enterprise protected devices, and the time periods ranged between April 15, 2016 and April 16, 2017. The enterprise data includes both Android and iOS devices from financial institutions, healthcare organizations, government agencies and other industries. The personal data includes both Android and iOS devices from consumers around the globe, consisting of over 100M devices worldwide. All data was pulled anonymously, and no corporate data, networks, or systems were accessed to perform this analysis.