New security architecture neutralizes the largest IT risks facing businesses
Menlo Security, a pioneer of cloud-based security isolation technology, today announced a new phishing prevention solution expanding the Menlo Security Isolation Platform (MSIP) to stop email threats including malicious links, credential theft and weaponized attachments. The new solution is a key milestone in the path to eliminating the most significant IT risks facing businesses.
The vast majority of enterprise cybersecurity attacks begin through targeted email phishing attacks. These attacks spread easily from user end points to infect enterprise systems with malware that is subsequently leveraged to steal credentials, intellectual property and customer data. These high level breaches result in costs to the enterprise that range from millions to even billions of dollars in damages and tarnished reputation.
Current email security approaches, utilizing “good vs. bad” schemes to detect phishing and embedded malware, fail to stop targeted threats that can compromise thousands of users for weeks or even months before being recognized and removed. Existing security products simply fail to detect every malicious link and cannot protect every individual.
Further exacerbating this problem, legacy security solutions generate frequent incident alerts, requiring security professionals to continuously rule out false positives, resulting in severe strain on over-worked and understaffed cyber security teams.
The Menlo Security Phishing Isolation solution was developed in close collaboration with Fortune 500 customers, to specifically address prevention shortfalls in existing secure email gateway products. The Menlo solution has been proven in production at scale in these demanding enterprise environments with hundreds of thousands of users. Lead customer JPMorgan Chase recently awarded Menlo Security its prestigious Hall of Innovation Award for the close collaboration and the unique value of Menlo Security’s Isolation Platform in their production environment.
Available either on-premises, as-a-service via the cloud, or as part of a managed security service, the solution easily scales to address the needs of both large enterprise and smaller companies looking to eliminate phishing risk from their environments.
"We are including Menlo Security’s phishing isolation solution in our Global Managed Security Service to help our customers deal with the growing problem of targeted phishing attacks,” said Akihiro Okada, Corporate Executive Officer, Head of Security Management Service Business Unit, Fujitsu Limited.
"Targeted phishing attacks have become a significant risk in our business,” said James Rutt, Chief Technical Officer, Dana Foundation. “Menlo Security’s phishing isolation approach is a huge step forward in protecting against these attacks."
Menlo Security Phishing Isolation delivers security without compromising the user experience or placing a significant burden on IT staff. MSIP is easily integrated with existing email infrastructure including Exchange, Gmail and Office 365. By leveraging patented Adaptive Clientless Rendering™ (ACR) technologies, the new solution enables enterprise-wide deployment of isolation security without the need to deploy or manage endpoint software, dramatically reducing risks without impacting the user experience.
“Enterprises are being compromised by spear phishing attacks at an alarming rate and need a better way to stop these exploits,” said Jeff Wilson, Senior Research Director for cybersecurity at market research firm IHS. “The Menlo Security approach using Isolation takes phishing attack prevention to a new level and will be interesting for businesses who realize that the status quo in email security is not working.”
The MSIP Phishing Isolation solution makes it safe for users to click on email links and attachments without the risk of infection from malware exploits. With this unique approach, users can safely view sites with input-field restrictions that eliminate credential theft, while providing configurable messages that enhance corporate phishing awareness training.