November 23, 2024

Mobile Ad Libraries Put Enterprise Data at Risk, Firm Says

Posted on June 4, 2014 in Security

Mojave Networks Introduces Mobile Application Reputation Feature

Mojave Networks has added a new feature to the company’s professional and enterprise services in an effort to help organizations minimize the risks posed by the mobile applications used by their employees.

According to the company, organizations can use the new feature to discover potential risks by analyzing data collected and transmitted from mobile apps, and create policies for data loss prevention based on the information.

The new mobile application reputation offering, which is available immediately, includes features like customizable analytics, categorization of apps by risk level, application tracking, and integration with device management and network security solutions.

“The ‘bring your own device’ (BYOD) trend is transitioning to ‘bring your own applications’ (BYOA) as users download more and more apps to share data, increase productivity and stay connected,” noted Garrett Larsson, CEO and co-founder of Mojave Networks.

“If any application running on a mobile device connected to the network is insecure, it can put highly sensitive corporate data at risk. Our new application reputation feature can help enterprises improve their mobile security posture by eliminating the risk of insecure applications.”

The company analyzes over 2,000 mobile apps every day by tracking 200 individual risk factors in 15 different categories. In addition to static and dynamic analysis, Mojave Networks said that it uses data from real-world usage of the tested applications to determine if an application is safe.

One risk that’s particularly problematic for enterprises is when private data is collected and sent to remote Web APIs, the company warned.

“Some of the most significant risk factors affecting corporate employees and individual mobile users, such as data loss and PII collection, occur not by the application itself, but within mobile advertising libraries and other library components such as social media or analytic tools,” Ryan Smith, Mojave’s lead threat engineer, explained in a blog post.

Based on the analysis of more than 11 million URLs to which mobile apps connect, Mojave Threat Labs determined that business users connect to at least as many data-gathering libraries as consumers. During its analysis, the company found that 65% of applications downloaded by business users connect to an advertising network, and 40% of them connect to a social network API.

“It is critically important that users and IT Administrators understand what data is being collected from their devices, where it is being sent, and how it is being used. Given that the majority of the sensitive data being collected occurs within these third party libraries such as ad networks, social media APIs, and analytics tools, it is therefore important to fully understand each of the libraries included in your mobile apps,” Smith noted.

Founded in San Mateo, CA in 2011, Mojave Networks raised a $5 million round of funding in November 2013, in addition to launching a cloud-based, enterprise-grade solution that protects mobile devices starting at the network level.

Previous Columns by Eduard Kovacs:



FireEye Extends Threat Prevention Platform to SMBs

Posted on December 10, 2013 in Security

FireEye, the recently-gone-public provider of threat protection solutions, has made its flagship threat prevention platform available for small and midsize businesses (SMBs).

The platform, dubbed “Oculus” by FireEye, is a real time, continuous threat protection platform that helps organizations protect intellectual property and data. Oculus for SMB combines technology, services, and threat expertise in a solution specially tailored to small and midsized businesses, the company said.

FireEye for SMBs

According to Verizon’s 2013 Data Breach Investigations Report, of the 621 confirmed data breaches examined, nearly half occurred at companies with fewer than 1,000 employees, including 193 incidents at organizations with fewer than 100 workers. These stats clearly show that attackers are targeting smaller businesses that often lack advanced IT security protections that larger enterprises tend to have in place.

According to the U.S. Small Business Administration, SMBs represent 99 percent of U.S. businesses, and according to research firm IDC, SMB spending on security technology is predicted to top $5.6 billion in 2015.

Oculus for SMB leverages FireEye’s advanced threat prevention platforms for Web, email, and mobile, and includes:

Web threat protection: With the FireEye NX series platform, SMBs can stop Web-based attacks often missed by next-generation firewalls (NGFW), IPS, AV, and Web gateways. The NX series protects against zero-day Web exploits and multi-protocol callbacks to keep sensitive data and systems safe.

Email threat protection: SMBs can leverage cloud-based or the on-premise EX series platform to protect against today’s advanced email attacks.

Mobile threat protection: SMBs can leverage a cloud-based platform to address threats targeting mobile devices and help ensure that mobile apps are safe to use.

Oculus for SMB also provides Continuous Monitoring to help ensure that constrained security resources do not hinder an organization’s ability to counter targeted threats. Capabilities include:

Continuous Monitoring: FireEye threat intelligence augments customer IT teams to proactively recognize advanced persistent threat (APT) attacks.

Cybercon Reports: Vertical-specific threat information provides a view of the landscape so SMBs are better prepared to manage risk in their specific threat environment.

Health Check: Alerts notify customers when their deployments fail remote health checks to ensure uninterrupted protection against advanced threats.

“FireEye is putting virtual machine technology into the hands of SMBs,” said Manish Gupta, FireEye senior vice president of products. “With the FireEye solution, SMBs obtain a simple and scalable security solution for advanced threats to safeguard corporate assets and drive down business risks. SMBs will enjoy unmatched advanced threat protection solution with continuous monitoring to augment their limited resources.”

Earlier this year, the security firm claimed that in over 95% of its prospective customer evaluations, it found incidents of advanced threats that were conducting malicious activities and that successfully evaded the prospective customers’ existing security infrastructure.

The company was founded in 2005 by Ashar Aziz, who served as Chief Executive Officer until November 2012, and was followed by David DeWalt, who previously served as president and CEO at McAfee from April 2007 until February 2011, after Intel’s surprise $7.68 billion acquisition of McAfee.

Managing Editor, SecurityWeek.

Previous Columns by Mike Lennon:



The Windows Mobile Strategy For Microsoft Office 2013

Posted on February 2, 2013 in Blog

Is Microsoft Office 2013 Working

Microsoft is pinching CIOs by not providing an easy way to run the just released Microsoft Office 2013 except on Windows RT, the operating system for its Surface tablets. With little cross-platform integration, Microsoft is creating an opening for vendors that have a clearer path for a complete mobile workflow.

Outlook is the killer app for Microsoft, but the company has not shown any interest in releasing it for Office on the Surface or any other mobile device, said Analyst Esteban Kolsky, Founder of ThinkJar. Instead, Microsoft makes the case for Office365 in the cloud. But so far it only has 20 to 30 percent of the functionality that a customer would get with the desktop version of Microsoft Office. See Sarah Perez’s article for her take on the latest from Office365.

Forrester Research Analyst Phil Karcher said to me in an email that Microsoft does have a complete suite of mobile apps for Windows RT and Windows Phone, but only has Lync and OneNote apps for iOS and Android devices. It has improved browser access to SharePoint 2013, which benefits users on Android and iOS. However, it does not have mobile versions of its core office productivity applications — Word, Excel, PowerPoint on iOS and Android. He sees it as a matter of time before Microsoft opens up more to other platforms.

But Karcher said that competitors have a mixed bag, too:

Google Drive has more editing functionality on Android devices than it does on iOS today. It only introduced editing capabilities for its iOS app in September, and to my understanding only supports docs, not spreadsheets or presentations. IBM Docs has native apps with comprehensive functionality for iOS and Android today, including collaborative document editing from those devices. But a major complaint from users in general is that they want compatibility with their documents formats. Both Google and Android have the advantage of native mobile apps on popular platforms and continue to present alternatives to Microsoft for office productivity in general. But any first mover advantage in mobile support I suspect may be short-lived.

Zoho Evangelist Raju Vegesna said similarly that Windows Phone’s poor market share is a main factor in how Office fares, especially as the desktop recedes in importance:

With Windows Phone share lingering at less than 5 percent and with no iOS and Android versions of Office, users will look for alternatives. Remember, mobile share is going to be more important than desktop marketshare moving forward. Countries like India have 10x more mobile users than desktop users.

I’d love to see Office365 become something important. That would be a shift. The issue for Office comes down to portability. I should be able to open any document, on any device and have an experience that makes the mobile workflow somewhat seamless.

But in truth, not one vendor has the mobile workflow working. It is still a mix of vendors, providing different tools in their various suites. IBM Domino, for instance, integrates with IBM Traveler, its mobile software for pushing email to mobile devices. IBM Docs integrates OpenSocial, providing a clean web experience. But at least one IBM customer I talked to uses SAP Afaria to manage its mobile devices. That shows the mix that we will continue to see as customers seek out their own workflows for connecting employees and their mobile devices.

Original Page: http://t.co/hjRmxbHu