MobileIron (NASDAQ:MOBL), the mobile-centric security platform for the Everywhere Enterprise, today announced multi-vector mobile phishing protection for iOS and Android devices to help organizations defend against one of the top cybersecurity threats. MobileIron Threat Defense (MTD) now offers on-device and cloud-based phishing URL database lookup to detect and remediate phishing attacks across all mobile threat vectors, including text and SMS messages, instant messages, social media and other modes of communication, beyond just corporate email.
Verizon’s 2020 Data Breach Investigations Report found that credential theft and social attacks such as phishing cause the majority of breaches, with almost one-quarter (22%) of all data breaches involving phishing specifically. Credentials were the most common attribute compromised in phishing attacks, although many other data types were also well represented.
“Phishing is a simple, yet highly lucrative method for hackers,” said Brian Foster, SVP of product management at MobileIron. “All it takes is one click on a malicious link for a hacker to compromise a user’s ID and password, and gain access to a goldmine of data. Unfortunately, hackers are exploiting enterprise security gaps amid the COVID-19 pandemic and increasingly targeting mobile devices and applications, which remote workers are using more than ever before to access corporate data.
And these mobile phishing attacks are likely to succeed, as it is very hard to verify the authenticity of links on a mobile device. The mobile user interface also makes it difficult to access and view key information, while prompting users to make fast decisions. Companies urgently need a mobile threat defense solution that detects and remediates phishing attacks across all threat vectors, beyond just corporate email, while empowering employees everywhere to be productive.”
Built on MobileIron’s leading unified endpoint management (UEM) product, MTD offers immediate, on-device phishing protection. There is no end user action required to deploy MTD on mobile devices that are enrolled in MobileIron’s UEM client; this is remotely managed by IT departments. As a result, organizations can achieve 100% user adoption, without impacting productivity. MobileIron is the only solution on the market that can automatically deploy mobile threat protection without users needing to take any action. This is critical because if security gets in the way of productivity, users will find a way around it.
“Organizations urgently need to bolster their anti-phishing technical controls, without impacting end user productivity,” said Phil Hochmuth, Program Vice President, Enterprise Mobility, IDC. “Phishing attacks are at an all-time high, with hackers capitalizing on people’s fears and using coronavirus-themed messages to deceive victims. In addition to conducting mandatory security awareness training, companies should enroll employee devices in a UEM platform and implement mobile threat defense capabilities to effectively defend against mobile phishing attacks. And organizations should take UX very seriously when evaluating mobile security solutions, as a seamless user experience is critical to success.”
MobileIron’s recent Trouble at the Top study revealed that C-suite executives often feel frustrated by security protocols and request to bypass them, despite being highly targeted by cyberattacks, including phishing attacks. The study also found that 60% of IT decision makers believe that phishing is the most significant mobile security threat faced by their organization. With MTD, organizations can ensure seamless and continuous on-device phishing protection for employees everywhere - even on devices without internet connectivity.
Organizations can choose whether to expand MTD’s multi-vector phishing protection to include cloud-based phishing URL database lookup. This enables organizations to control the balance between security and user privacy. MTD also enables organizations to improve their overall security posture and comply with regulatory requirements.
To further secure their digital workplaces and reduce the risk of breaches, organizations can implement MobileIron zero sign-on for secure and passwordless authentication to enterprise cloud services. By leveraging mobile device authentication with biometric-based access, organizations can eliminate passwords, which are the primary point of compromise in phishing attacks.
MobileIron’s multi-layered phishing protection is now available on iOS devices. These capabilities will extend to Android devices soon. To learn more, click here to check out the MobileIron Threat Defense product page or click here to register for a series of upcoming webinars.
MobileIron is redefining enterprise security with the industry’s first mobile-centric security platform for the Everywhere Enterprise. In the Everywhere Enterprise, corporate data flows freely across devices and servers in the cloud, empowering workers to be productive anywhere they need to work. To secure access and protect data across this perimeter-less enterprise, MobileIron leverages a zero trust approach, which assumes bad actors are already in the network and secure access is determined by a “never trust, always verify” model.
MobileIron’s platform combines award-winning and industry-leading unified endpoint management (UEM) capabilities with passwordless MFA (zero sign-on) and mobile threat defense (MTD) to validate the device, establish user context, verify the network, and detect and remediate threats to ensure that only authorized users, devices, apps, and services can access business resources in a “work from everywhere” world. Over 20,000 organizations, including the world’s largest financial institutions, intelligence agencies, and other highly regulated companies, have chosen MobileIron to enable a seamless and secure user experience in the Everywhere Enterprise.
Statements in the press release concerning future product availability and plans are forward looking statements, and they are subject to change. They do not represent a commitment, promise or legal obligation to deliver any material, code or functionality, and should not be relied upon in making purchasing decisions.