July 30, 2014
The workplace isn’t constrained by a single device in a single location. Your security shouldn’t be either.
That’s why Mojave Networks is extending mobile security to include Macs and Windows PCs. The same web security that we’ve always had for smartphones and tablets now can protect Macs and Windows PCs with threat detection, visibility into cloud apps, data loss prevention, URL filtering and robust analytics. These innovative solutions block more threats, reduce IT complexity and mitigate the risk of data loss.
Our cloud-based secure web gateway is simple to deploy, requires no hardware and saves on total ownership costs. So no matter where or how your employees access the network, you can gain visibility into network activity and control over devices for comprehensive security that keeps sensitive data safe.
Sign up now for early access to Mojave’s secure web gateway for Macs and Windows PCs.
July 24, 2014
We often hear from customers who have existing Security Information and Event Management (SIEM) tools, like Splunk or QRadar, and wish to leverage those investments in combination with the unique data that we can provide. And for our own part, we believe that security vendors should interoperate seamlessly to best protect enterprise assets. Therefore, we have been hard at work on an enterprise-integration initiative, and are pleased to announce the general availability of our real-time event API: Mojave Connect.
With this API, customers gain full visibility into the events flowing through Mojave as they happen, including,
- Network Activity — Source (IP, port, user agent), Destination (IP, port, URI), bytes transferred, protocol, network type (carrier, wifi), category, action (block, audit, allow), and more
- Device Activity — Event type (lock, wipe, locate, diagnostics, app installation, etc.), severity (alert, warning, low), device (make, model), user
Customers can then store and analyze these events as suits their needs. For example, companies can collate network events happening on devices outside of the corporate network with events happening internally. Having a single, homogeneous corpus of all network activity across the enterprise will make it easier to find anomalies and threats, and having it all centralized will make it that much easier for IT to manage.
So how does it work?
Mojave Connect consists of two layers, each providing different opportunities for integration:
- Mojave Connect SDK — The SDK (currently available for Java; other versions forthcoming) is a low-level library for consuming our real-time event streams. Customers with proprietary applications might want to use the SDK directly so that they can customize the interaction to best suit their needs.
- Mojave Connect Agent — These are higher-level software agents that wrap the SDK and are deployed onsite to provide integration with a specific third-party application:
- The Syslog Agent for Mojave Connect reads events from the event stream and logs them to the local syslog daemon.
- The Spunk Agent for Mojave Connect is a Splunk add-in (soon to be published to the Splunk App marketplace) that lets you add Mojave streams to your enterprise data as seamlessly as any other data source.
- Many more to come…
Contact us today to take the Mojave Connect API for a spin.
Special thanks to Josh Bandur for helping write this post and more importantly writing the API!
July 17, 2014
We’ve been thinking a lot about the future of cloud security lately. As workforces become more mobile, and work becomes anytime/any place/anywhere, companies have to think differently about securing their data and systems.
We want to get your feedback as we build the next-generation cloud security. Help shape our future product direction by sharing your thoughts in our two minute survey.
Stay tuned, we’ll share the results here on our blog!
June 23, 2014
Permission by proxy. That sounds pretty scary right? It happens to any of us who use apps on our mobile devices, from official or unofficial sources. Simply by using an app, we grant permission to that app to access various areas of our mobile devices. Sometimes, those permissions are extended to data sharing with other applications via app-installed libraries.
Do you want to learn more about the hidden risks in your mobile apps? Join us on Wednesday, June 25 at 11:00 AM for our webinar, “Beyond Permissions: The Truth Behind Mobile Application Risk.”
Our presenter, product marketing manager Samer Baroudi, will discuss the hidden risks of your mobile apps and how to gain visibility into the apps installed on your organization’s corporate-owned and BYOD devices.
In this webinar you’ll learn:
- Why app store apps have hidden risks
- How to add visibility into the apps on your mobile devices
- What data is collected by your apps and how it is shared
Topic: Beyond Permissions: The Truth Behind Mobile Application Risk
Date: June 25
Time: 11:00 AM PST
June 17, 2014
We wanted to take a quick break from all of our hard work and give a quick update on some important new features.
Two Factor Authentication
In the wake of recent vulnerabilities like Heartbleed, we felt it was necessary to give our users additional security around their login credentials. That’s why we recently implement two factor authentication which can now be enabled for any account by simply going to Settings -> Personal.
We chose the open TOTP standard as the underlying authentication method and made it simple enough to use that anyone can have it enabled for their account within a few minutes.
Data Usage Alerts
Another feature that customers have often requested is to receive alerts when users are approaching a certain amount of data usage. This is ideal for companies that pay for data plans and want to ensure they remain within certain usage parameters to avoid expensive overage charges.
To enable, simply go to the Network settings within a policy and set the threshold of when you want to be alerted. It’s as simple as that.
Mojave now integrates with Samsung Safe allowing more granular controls of Safe devices including preventing factory reset, booting into safe mode, and better email configuration.
All of these features are immediately available so feel free to use them and keep providing your suggestions so we can keep improving the Mojave experience.
June 11, 2014
Do you want to understand how to add control, visibility, and security to the mobile devices connected to your network? Check out our short video to find out how to secure your devices with our cloud-bases network security.
June 6, 2014
This week, we unveiled a new application reputation feature to provide enterprises with detailed insight into the applications that are run on employee mobile devices. With this new feature, companies can analyze the data being collected, stored or transmitted from mobile applications, enabling them to discover the potential risk of applications and make informed policies to prevent compromises or data loss. See the press release for more details.
Ryan W. Smith, our lead threat engineer, explained the problem to Tim Wilson at Dark Reading: “When we first come into a customer site, most of them have no idea what apps their users have installed on their devices, or what their risk exposure might be. They are accepting a level of risk on their mobile devices that they would never accept on PCs.”
In SecurityWeek, Ryan was quoted as saying: “Some of the most significant risk factors affecting corporate employees and individual mobile users, such as data loss and PII collection, occur not by the application itself, but within mobile advertising libraries and other library components such as social media or analytic tools.”
From Network World: “Unfortunately, when you give permission to an app to access your private or sensitive data, you’re also giving access to each of the included libraries and their author(s), whether you know it or not. This is like entrusting your house keys to your teenage child for the weekend, only to have them immediately make copies for their friends, unbeknownst to you.”
As you can see in the graph below, the majority to apps contain third-party ad libraries. In fact, at least 78% of all applications downloaded by business users connect to either an ad network, social media API, or analytics API – putting their personal information and their company’s sensitive data at risk. More details about how mobile ad libraries create risks for enterprise data are available in Ryan’s blog post.
- Mojave Networks Unveils New Application Reputation Offering, InfoSecurity Buzz
- Mobile apps siphon off reams of data through excessive permissions, FierceMobileIT
- Mobile Apps Leak Personal Information, Study Finds, SiliconBeat
- Mojave Networks Application Reputation Feature Aims at BYOD, eWeek
May 30, 2014
Did you miss our webinar last week, with Forrester Research’s Tyler Shields, discussing how to best understand mobile risk and mitigate it? You can now watch the recording, or download the slides.
You can also check out some of the questions we discussed during the webinar.
Stay tuned – we had too many questions, and will answer these later on our blog.
Topic: Three-Pronged Approach to Mobile Security
May 20, 2014
We posted questions one and two for our upcoming webinar, and here is the third installment: what combination of technologies can help me meet my business goals? These days, mobility managers have a range of solutions to consider to manage and protect mobile devices: mobile device management (MDM), enterprise mobility management, app reputation solutions, containerization, and firewalls. It seems like there is a new solution available every month! We’ll talk about how to build a unified approach for your mobile security in our webinar on May 21. If you have questions to ask during the webinar, post them in the comments here, or tweet with the hashtag #3ProngSecurity. Here are a few other resources to help you sort out all of the options:
Topic: Three-Pronged Approach to Mobile Security
Date: May 21
Time: 11 AM PST