Zscaler has added mobile security to its arsenal of cloud-based security services, which the firm is pitching as a flexible way to fix the risk of employee-owned devices bypassing conventional filtering layers.
The firm’s alternative is to run traffic through its security layer, the Direct-to-Cloud Network, now extended in the form of the new Mobile Security Solution.
This protects the devices and the networks they connect to from botnets, phishing and cross-site scripting attacks, as well as integrating this protection with an organisation’s existing security policies.
“Security appliances have become irrelevant in securing mobile users since mobile traffic and cloud applications often bypass appliances completely,” said Zscaler founder and CEO, Jay Chaudhry.
“MDM [mobile data management] solutions have been the first step to manage and configure mobile devices; Zscaler is the natural step forward to provide security by inspecting all mobile content, enforcing policy and ensuring visibility.”
Research carried out by Zscaler estimates that about 40 percent of mobile traffic comes through the browser with the remaining chunk generated by the apps themselves, the behavior of the latter being extremely difficult to control.
The Mobile Security Solution would add some realtime visibility on this traffic, complete with a reporting facility.
The Mobile App Profiler identified privacy and security risks while the Safe Browser for Android and iOS secured browsing.
In a parallel development, Zscaler is partnering with mobile device management firms AirWatch and MobileIron to integrate its mobile security proxy with their device and data management platforms.
The question is whether the market is ready to hand over traffic filtering to a service provider when they are also going to have to buy separate appliances covering at least some of the problem.
“Whether an organization adopts BYOD, corporate-owned devices or a hybrid strategy, it is clear that mobile devices are susceptible to a myriad of threats and vulnerabilities. Purpose-built solutions are required to address the unique requirements associated with mobile security,” said IDC’s super-analyst, Charles Kolodgy, quoted by Zscaler.
