MobileIron, the mobile-centric security platform for the Everywhere Enterprise, has announced multi-vector mobile phishing protection for iOS and Android devices to help organisations defend against one of the top cybersecurity threats. MobileIron Threat Defense (MTD) now offers on-device and cloud-based phishing URL database lookup to detect and remediate phishing attacks across all mobile threat vectors, including text and SMS messages, instant messages, social media and other modes of communication, beyond just corporate email.
Verizon’s 2020 Data Breach Investigations Report found that credential theft and social attacks such as phishing cause the majority of breaches, with almost one-quarter (22%) of all data breaches involving phishing specifically. Credentials were the most common attribute compromised in phishing attacks, although many other data types were also well represented.
“Phishing is a simple, yet highly lucrative method for hackers,” said Brian Foster, SVP of Product Management, MobileIron. “All it takes is one click on a malicious link for a hacker to compromise a user’s ID and password, and gain access to a goldmine of data. Unfortunately, hackers are exploiting enterprise security gaps amid the COVID-19 pandemic and increasingly targeting mobile devices and applications, which remote workers are using more than ever before to access corporate data.
“And these mobile phishing attacks are likely to succeed, as it is very hard to verify the authenticity of links on a mobile device. The mobile user interface also makes it difficult to access and view key information, while prompting users to make fast decisions. Companies urgently need a mobile threat defence solution that detects and remediates phishing attacks across all threat vectors, beyond just corporate email, while empowering employees everywhere to be productive,” said Foster.
Built on MobileIron’s leading unified endpoint management (UEM) product, MTD offers immediate, on-device phishing protection. There is no end-user action required to deploy MTD on mobile devices that are enrolled in MobileIron’s UEM client; this is remotely managed by IT departments. As a result, organisations can achieve 100% user adoption, without impacting productivity. MobileIron is the only solution on the market that can automatically deploy mobile threat protection without users needing to take any action. This is critical because if security gets in the way of productivity, users will find a way around it.
“Organisations urgently need to bolster their anti-phishing technical controls, without impacting end-user productivity,” said Phil Hochmuth, Program Vice President, Enterprise Mobility, IDC. “Phishing attacks are at an all-time high, with hackers capitalising on people’s fears and using Coronavirus-themed messages to deceive victims. In addition to conducting mandatory security awareness training, companies should enrol employee devices in a UEM platform and implement mobile threat defence capabilities to effectively defend against mobile phishing attacks. And organisations should take UX very seriously when evaluating mobile security solutions, as a seamless user experience is critical to success.”
MobileIron’s recent Trouble at the Top study revealed that C-suite executives often feel frustrated by security protocols and request to bypass them, despite being highly targeted by cyberattacks, including phishing attacks. The study also found that 60% of IT decision-makers believe that phishing is the most significant mobile security threat faced by their organisation. With MTD, organisations can ensure seamless and continuous on-device phishing protection for employees everywhere – even on devices without Internet connectivity.
Organisations can choose whether to expand MTD’s multi-vector phishing protection to include cloud-based phishing URL database lookup. This enables organisations to control the balance between security and user privacy. MTD also enables organisations to improve their overall security posture and comply with regulatory requirements.
To further secure their digital workplaces and reduce the risk of breaches, organisations can implement MobileIron zero sign-on for secure and passwordless authentication to enterprise cloud services. By leveraging mobile device authentication with biometric-based access, organisations can eliminate passwords, which are the primary point of compromise in phishing attacks.
MobileIron’s multi-layered phishing protection is now available on iOS devices. These capabilities will extend to Android devices soon. To learn more, click here to check out the MobileIron Threat Defense product page.