Modern mobile threats are evolving quickly
Any business could become the target of an attack, and so IT leaders everywhere must think proactively about protecting their data and critical devices. New solutions and approaches to cybersecurity are required to thwart these threats and ensure that organisations are protecting all their data, endpoints, and people.
Many organisations are looking at mobile threat defence software to support their cybersecurity efforts. The Appurity team have analysed two contenders in this space: Microsoft’s enterprise mobile security offering, Microsoft Defender for Endpoint, and Lookout for Work. Here are some of the key areas your team should look at when considering mobile threat defence software or apps, and how Microsoft and Lookout square up.
The basics and operating system compatibility
How easy is the mobile protection software to install and use? Firstly, end users must be assigned both a Microsoft Intune and a Defender licence to use Microsoft’s Defender for Endpoint. There are additional apps/features that must be installed on the device for Defender to function, too. This may include Intune/Company Portal, Defender and Microsoft Authenticator.
This shouldn’t be a deal breaker in and of itself, but Defender for Endpoint also doesn’t provide all security features – including many we deem critical – for each OS. For example, if users wish to protect their devices against jailbreaking or rooting malware, Defender does not provide this capability for Android users. Similarly, Malware Protection is not available for iOS users. In practice, this means that iOS devices will not be scanned for malicious applications found on the Apple App Store or sideloaded.
Web and content based threats are the most prolific. Any mobile threat defence solution should provide unobtrusive protection against these types of threats, for example through scanning device traffic. Microsoft Defender is limited in its compatibility where network protection is concerned, since it cannot work with existing network technologies on a device.
Lookout, however, requires the installation of just one application – Lookout for Work – for comprehensive device protection. This includes protection against malicious apps and app-based threats, both for iOS and Android. Detecting web and content based threats at the DNS level, Lookout provides a VPN-free solution to these threats.
Application protection
Application protection should be a key focus area for any business looking to mitigate against mobile-based threats. Our recommendation is that all customers with a mobile fleet should have the capabilities to protect against application threats.
The first step is visibility. Does your business know exactly which apps are being downloaded, where they’ve come from, and how they’re being used? Lookout provides full application analysis with admin visibility for enterprises. This enables businesses to centrally manage app permissions, assess the business risk, monitor malware, and detect common vulnerabilities and exposures (CVEs). Microsoft currently has no capability that can provide in-depth application visibility or awareness of vulnerable apps used across the workforce.
IT leaders should always know where potential vulnerabilities are. They should also have a view of current and emerging CVEs and the ability to instantly block access to out-of-date applications or unsupported operating systems. Lookout provides all of this functionality.
It’s important to note that Microsoft Defender also does not provide sideload detection. Businesses should always know when a user is installing a third-party application, if they do not block them as standard. Lookout for Work provides sideload detection and protection from untrusted application developers in both the App Store and Google Play.
Policy granularity
Your business needs a bespoke approach to its security, and this filters all the way down to a security policy level. Lookout for Work enables organisations to apply policies based on groups, build a variety of security profiles across their fleet of devices, and configure risk levels and remediation actions.
Microsoft Defender, on the other hand, doesn’t provide a high degree of granularity on remediation actions, which can result in broad, sweeping profiles for many users.
Productivity and ease-of-use
So, you’ve chosen a security solution that offers great functionality and all the security controls your business needs. What about its usability? Will end users be able to integrate any necessary security requirements seamlessly onto their devices?
Microsoft Defender is lacking in transparency and user education, which can lead to a difficult rollout. To contrast, Lookout for Work provides full transparency: users can understand what the application is doing, what data is being collected, and what levels of privacy are afforded to the user.
Whatever threat defence software you choose for your business, Appurity will always be here to protect what matters. Get in touch with our expert team to discuss the options for securing your business.