Named a Visionary in Gartner Magic Quadrant for Secure Web Gateways (SWG)

Back to blog

Five steps to protect your mobile workforce from cyberthreats

Share this article

A recent Menlo Security survey of 600 IT decision makers across the U.S., the UK, and Australia found that over half think it’s impossible to fend off all the tactics used to breach mobile devices.

More than a third thought keeping up with the pace of attacks is beyond the capabilities of today’s defenses. In the UK, 92 percent of respondents said attacks on mobile devices are becoming more frequent and more sophisticated. Globally, three-quarters (71 percent) said they’ve experienced a phishing attack firsthand.

The future of work is remote, and remote means mobile. Most web searches now happen on smartphones and tablets, and mobile devices play a central role in personal and office computing—widening the array of network endpoints that need to be secured.

Wherever workers access the Internet, cybercriminals are sure to follow. Attempts to access company networks by breaching mobile devices are sharply on the rise.

So how do you secure employee smartphones and tablets given today’s expanded attack surface? For most organizations, it’s going to be a journey, requiring a transition from their current investments to a new cyber infrastructure based on the secure access service edge (SASE) architecture. But that doesn’t mean you can’t act now to fortify your mobile workforce. Here are five steps you can take today.

1. Get a grip on Zero Trust.

Most of today’s threats arrive from the web: phishing emails, infected links, dodgy sites, or malware embedded in web pages and widgets. Traditional cyber defenses try and place web content into one of two boxes—bad or good. We know that this binary approach frequently fails.

Zero Trust removes any ambiguities by starting from the assumption that all Internet content is risky. Web isolation technology is built on the Zero Trust principle and separates mobile devices from the Internet entirely, giving users a rendered view of websites and emails that never allows website code or content to execute directly on their smartphone or tablet.

2. Set the cornerstones for SASE.

Because web-borne threats are the most common, cybersecurity works best when it’s applied close to end users. The SASE architecture is an emerging approach that converges the security stacks that once lived in data centers or branch locations on the perimeter. It blends them with the connectivity stack and moves everything to the increasingly mobile network edge.

SASE isn’t currently offered in a box, and businesses can’t afford to simply rip out and replace their current cyber investments. Organizations need to rethink their legacy approach to security and move to a more modern security framework as defined by SASE. What they can do is begin their SASE journey by establishing a modern security framework.

3. Consider isolation-powered technology.

Cloud-based web isolation is a critical component of security within the SASE framework. By leveraging isolation-powered solutions, any traffic delivered to a mobile worker’s device is completely isolated. While isolation isn’t a new idea, the technology behind today’s solutions is.

Isolation makes the Internet safe, seamless, and effective for all workers. This means that organizations don’t have to sacrifice productivity for security. While the majority of other security solutions slow productivity and create barriers to getting work done, a Zero Trust approach powered by isolation allows users to click with impunity. They don’t need to worry about whether they’re clicking on an unsafe site or if the web form that popped up is legitimate.

4. Implement an isolation-powered secure web gateway.

Zero Trust is one component of a mobile-ready security framework. A secure web gateway (SWG) is another.

An SWG protects users from web-based threats by directly stopping malicious content from ever touching an employee’s mobile device. It also provides organizations with an easy way to implement acceptable use policies as their employees browse the web.

An isolation-powered SWG, however, takes a Zero Trust approach to security that allows organizations to separate the network from the Internet, assuming that all traffic is inherently bad. All content is isolated in the cloud where the content is visible, but it’s never downloaded to the endpoint—effectively creating an air gap between networks on the Internet. This helps to ensure that all malicious traffic is blocked and also ensures a higher level of user experience. With isolation, security teams can take control of mobile traffic, adding an extra layer of security for all devices on the network.

Cloud-based SWGs also provide much more scalability and flexibility than traditional on-premises legacy proxies, allowing organizations to provide comprehensive protection across enterprises of any size.

5. Treat the browser as the exploit.

Mobile web and email browsers have to be updated and patched just like their desktop cousins to remove vulnerabilities. But remote working and mobile devices make it hard for IT teams to manage everything from a central location.

Isolation-powered security solutions get around that challenge by building a protective layer around mobile workers wherever they are, blocking known and existing threats while also preventing future attacks from getting through—thus ensuring browser protection. It’s a simple, seamless solution that works behind the scenes, rather than bumping up against end users and their productivity.

The cyberthreat is mobile

Today’s cyberthreats are sophisticated, scalable, and increasingly focused on mobile devices and operating systems. Anyone with a Tor browser can buy malicious code on the dark web for a few hundred dollars, configure it for a phishing or ransomware campaign, and distribute it to thousands of potential victims by email or infected websites.

With an isolation-powered SWG, mobile devices are protected from web-borne threats by keeping them apart. Active Internet content in web pages and emails is executed away from the mobile device. This approach maintains the user experience workers demand while retaining the security benefits of isolating devices from Internet content.

Modern enterprises are considering isolation-powered security solutions to protect the productivity of their remote workforce. Learn more about why traditional cybersecurity approaches are falling short given today’s expanded threat landscape.

Share this article

Make the secure way to work the only way to work.

To talk to a Menlo Security expert, complete the form, or call us at (650) 695-0695.