Lookout, Inc., an integrated endpoint-to-cloud security company, today announced the industry’s first Zero Trust access solution that dynamically adapts to changes in the risk levels of mobile endpoints and users as well as the sensitivity level of data. The solution is an expansion of Lookout Continuous Conditional Access (CCA), achieved by integrating the company’s Mobile Endpoint Security and Secure Access Service Edge (SASE) solutions. Lookout is the first SASE vendor to use native real-time device and user risk assessment to dynamically modify access and security policies from any mobile endpoint to any cloud or on-premises application.
People bypass perimeter-based security when using mobile devices and cloud apps to work from anywhere. To secure remote workers, organisations have traditionally relied on virtual private networks (VPNs), two-factor authentication and basic device security checks. The problem is these assessments are typically performed only at the time of access and are limited to whether an endpoint is managed and has antivirus enabled. Risk assessments must be performed continuously to identify new and changing app, device, network and phishing threats as well as anomalous user behavior to protect an organisation’s data based on it’s sensitivity level.
The Lookout Zero Trust access solution includes integrated data loss prevention (DLP) technology that provides insight into data sensitivity. By combining the risk assessment of devices and users with data sensitivity, organisations can now dynamically adapt access to protect apps and data rather than being limited to making blunt “yes” and “no” access decisions. With continuous risk assessment capabilities, data sensitivity insight and granular access policies, Lookout can dynamically modify data access with precision, such as redacting sensitive keywords, applying watermarks or encrypting the data so it is protected even when downloaded and distributed offline.
“With employees no longer inside office security perimeters, organisations must deploy Zero Trust-based access to safeguard their data,” says Aaron Cockerill, Chief Strategy Officer, Lookout. “In order to make smart access control decisions, organisations need better telemetry, including risk information on users, endpoints, networks and the applications they use, as well as the sensitivity of the data they access. With our Zero Trust access solution, Lookout customers have integrated access control with the ability to use all of this telemetry so that they can enable remote productivity without exposing their data to risk.”
With the integrated Lookout Security Platform that delivers Mobile Endpoint Security, Cloud Access Security Broker and Zero Trust Network Access solutions, Lookout CCA provides the following key benefits:
- Secure endpoint to cloud productivity: Employees can use mobile devices to access cloud apps and data without putting sensitive corporate data at risk. With continuous risk assessments of endpoints, users and data, Lookout CCA provides dynamic and granular access and security policies to any application, enabling an organisation to empower remote productivity – even to unmanaged devices – while remaining in full control of its data.
- Granular and dynamic policy enforcement: With full visibility into the endpoint and access infrastructure, Lookout CCA enables security teams to enforce policies consistently and precisely. For example, an organisation can choose to deny download privileges and redact sensitive information when an employee uses a personal device and network it does not manage.
- Meet compliance requirements: With continuous risk assessment of mobile endpoints, users and data, Lookout gives organisations full visibility into what’s happening across their hybrid environment. As a result, whether it’s mobile malware or risky apps, data leakage or insider threats, organisations can efficiently detect and respond, ensuring they remain compliant with corporate policies and regulations.
- Simplify operations and reduce cost: Lookout CCA combines risk assessment, access and security technologies in a single platform. This means security teams have fewer tools to juggle and can streamline their operations to reduce costs and security gaps.