App Reputation Feature For Enterprises Enables Control, Visibility and Security for Mobile Device Apps
Mojave Networks, the leading provider of cloud-based mobile security for enterprises, has unveiled a new application reputation feature to provide enterprises with detailed insight into the applications that are being run on employee mobile devices. With this new feature, organizations can dissect and analyze the data being collected, stored or transmitted from mobile applications, enabling them to discover the potential risk of applications in their organization and make informed policies to prevent compromises or data loss.
“The ‘bring your own device’ (BYOD) trend is transitioning to ‘bring your own applications’ (BYOA) as users download more and more apps to share data, increase productivity and stay connected,” said Garrett Larsson, CEO and co-founder of Mojave Networks. “If any application running on a mobile device connected to the network is insecure, it can put highly sensitive corporate data at risk. Our new application reputation feature can help enterprises improve their mobile security posture by eliminating the risk of insecure applications.”
Key features of Mojave Network’s application reputation feature include:
– Integration with device management and network security;
– Application tracking by platform, user and device;
– Categorization of applications by risk level; and
– Customizable analytics.
The ability to deploy third-party applications allows users to choose what apps best suit their specific devices. According to data collected from Mojave Threat Labs, on average the typical mobile device has about 200 applications, including pre-installed and user downloaded applications. Each application has an average of nine permissions that users must agree to before use, and five of those permissions are typically considered moderate to high risk as they allow the applications to gain access to documents, logins, passwords and other sensitive data, which could cause a major security risk to an organization’s private data.
Mojave Threat Lab researchers focus on the hidden risk of applications by analyzing more than 2,000 applications every day. Each app goes through rigorous testing including static code analysis, signor verification, and behavioral simulation in virtual sandboxes. Since not everything about an app can be determined from static and dynamic analysis, the Mojave Threat Labs researchers uniquely combine these findings with data from real-world usage of the app. From this testing, they compute a single risk score based on more than 200 different data points in 15 different categories that organizations can use to determine which apps are appropriate and safe for them.
“On the surface, an application may seem safe, but there are always hidden risks,” explained Ryan Smith, Mojave’s Lead Threat Engineer. “Approximately 50 percent of applications fall into our category of medium risk, meaning that they have the ability to access large amounts of sensitive data, and while they may not be obviously malicious, they still have a potential risk of data loss or compromise. With the detailed data we collect about each application in the Mojave Threat Labs, we are able to properly identify and reduce the risk of malicious attacks and data theft.”
Available immediately, Mojave’s application reputation feature is available as part of Mojave’s professional and enterprise services. Mojave Networks currently supports Android and iOS and starts at $4/month/device after a free trial period. For more information and to register for an account, please visit www.mojave.net.
About Mojave Networks
Mojave Networks has pioneered a cloud-based approach to mobile security for enterprises that blocks advanced threats and protects company data. This approach gives organizations unrivaled insight into application usage, data flow, network analytics, and malicious threats while helping them control costs and comply with regulations. Founded in San Mateo, CA in 2011, Mojave Networks is used by large and medium enterprises and government agencies. The company is funded by Bessemer Venture Partners and Sequoia Capital, and its team includes former executives from Symantec, McAfee, Palo Alto Networks, and Lookout. For more information, please visit www.mojave.net.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.