We’re long past the first wave of mobile threat defense integrations with vendors. Just a few years ago, there were maybe a half a dozen MTD and EMM vendors, and every few weeks Jack would hear yet another integration announcement. Many of the early integrations mainly provided a binary device compliance signal. Now, we have moved into what might be considered a new era with plenty of mega vendors available for integration that see MTD products doing much more than before.
One well-known MTD vendor is Lookout, which announced late last year that they had updated and new integrations with their Mobile Endpoint Security (MES) product for Microsoft, Google, and VMware around unmanaged devices.
Integrating more and more with Microsoft continues to be a pretty big get for Lookout, and companies can actually now buy Lookout through the Azure Marketplace. Lookout previously integrated with Microsoft Intune for managed devices but has since expanded beyond that. In November, their integration with Intune App Protection Policies went GA, and even got a shown in a demo at Microsoft Ignite during Brad Anderson’s modern management session.
When the Lookout app discovers a threat on an unmanaged user’s device, the user is prevented from downloading or using company apps until the threat is mitigated. Lookout says there’s still some work to be done to speed up the process as it can take up to 30 minutes for Lookout’s app to talk with Intune.
Right now, Lookout is the only mobile threat defense vendor that integrates with Google’s MDM. Most interactions for admins are done through the Google Admin console. Lookout sends threat data to the console, and admins can block a device or wipe a company app’s data. Unlike with the other integrations, Google adds an extra step before a user can re-access G Suite, requiring that an admin manually approve a previously flagged device.
Lookout and Google have additionally partnered for the App Defense Alliance and BeyondCorp Alliance. For the former, Lookout’s data augments scanning from that Google Play Protect already did of apps within the Google Play Store. For Lookout, they benefit because it allows them to scan apps sooner and less expensively than before—since they have a direct integration now, they don’t have to crawl the store to scan apps.
Much like the other two mega vendors, Lookout MES already integrated with VMware's Workspace ONE for managed devices and their Trust Network integration went GA last year (alongside Carbon Black and Netskope). The new news between the two vendors is that in Fall 2019, Lookout announced that Workspace ONE Intelligence Hub now integrates with Lookout’s Mobile Risk API, which shares device and threat data so admins can address security issues specific to their environment.
Lookout continues to expand their network, working with more partners. While Microsoft, Google, and VMware are their key partners, they also work with BlackBerry Serve, IBM MaaS360, Citrix, and others.
The enterprise remains the target of MTDs, but Lookout is now also pursuing additional efforts to attract small and mid-size businesses. Companies can get Lookout’s MTD offering as part of a bundle with mobile carriers. While aimed at SMBs, there’s a second SKU for enterprises that want more granular compliance policies.