Lookout's new enterprise mobile-threat-protection platform is designed to help organizations limit the risk of "side-loaded" applications.
Controlling applications and limiting the risks of mobile devices to an enterprise is no small task. Security vendor Lookout
is now adding a new product into the mix of mobile-device management (MDM) and mobile-security technologies with its mobile-threat-protection platform for enterprises.
"What we're doing with the mobile-threat-protection platform is we're offering enterprises the ability to define risk profiles for managed devices and protect them with a predictive threat capability," Aaron Cockerill, vice president of products at Lookout, told eWEEK
Lookout already has a consumer product in the market for both iOS and Android devices. In the enterprise, Cockerill said that the general path most organizations have taken for mobile security is to deploy some form of MDM technology. MDM technologies in Cockerill's view are only part of the solution to mobile security. MDM technology generally can provide some form of defense for devices that run within an organization's network perimeter.
One particular area of risk comes from enterprise mobile apps that can be distributed via an MDM platform.
"The challenge is that it conditions employees to accept the process of side-loading," Cockerill said. "That is opening up a delivery mechanism for malicious code; that we're concerned about."
Side-loading is the process of getting an application onto a mobile device through a means other than an app store. So, for example, with an Android device, an APK (Android application package) can be loaded to get an app onto a device. The Lookout system is designed to protect against the potential risks of side-loaded apps.
The Lookout system looks at apps that appear to be benign from the perspective of an app store but somehow contravene enterprise policies, for example, an app that is trying to access sensitive corporate data.
If a user ignores a warning about a particular threat or malicious application, the Lookout mobile-threat-protection platform can move a device into an untrusted device category. Via the Lookout API, the system can be integrated with an MDM platform, including MobileIron or AirWatch, to also identify the device as untrusted and prevent the device from gaining access to the corporate VPN.
Looking specifically at Apple's iOS, Cockerill said that in Lookout's view, malware is not coming from the Apple App Store. Rather, the likely threat vector for iOS is by way of the misuse of enterprise provisioning profiles, which is how enterprises are able to deploy apps across an organization.
"The challenge is that the app has not gone through the Apple app review process," Cockerill said. "The bad guys have realized that this is a great way to get malicious code onto iOS devices."
Due to the increasing demands of enterprise app distribution, Cockerill noted that Apple now automates the distribution of enterprise provisioning profile certificates, making it easier to get them.
"Enterprise customers want to control what side-loaded apps are allowed to run," Cockerill said. "The mobile-threat-protection platform provides visibility into side-loaded apps, and can detect if those apps are malicious."
Sean Michael Kerner is a senior editor at
InternetNews.com. Follow him on Twitter @TechJournalist.