Trusteer Fights Mobile Web Malware With Separate Browser Just For Work Apps

A company focused on guarding against malware infections from Web-based software applications has found that the best way to protect against such threats is to create a separate browser solely for work computing. Trusteer on Wednesday launched the Trusteer Secure Web Access Service that workers can download onto their laptops, tablets, smartphones or other portable devices in order to view work-related apps securely. Workers could then use a commercial Web browser such as Internet Explorer or Google Chrome for their personal browsing.

To use the Secure Web Access Service, end users would download the browser to their devices and then, when they wanted to access a Web application, the browser would scan the device for the presence of malware. If no problems were found, users could access the application, and both the session and data sent back and forth through the browser would be secured. If the browser detected malware, access to the app would be blocked.

If access is blocked, there are a few options the end user has for remediation, depending on the employer's security policy, says Mickey Boodaei, chief executive officer of Trusteer. "They could block you from connecting entirely, they could remove the malware and allow you to connect, or allow you to connect to a limited amount of Web applications," he says. "It depends on the sensitivity of the information that is being accessed and the severity of the malware that has been found."

The Trusteer Secure Web Access Service is designed for those situations in which employees bring their own mobile devices into the workplace, such as iPads, Samsung Galaxy Tabs or anyone of a number of smartphones, he says. "You basically have zero control over what [employees] are doing once they are not connected to your network, and they could easily get infected with malware."

The service, which starts at $35 per device per year, protects against what Boodaei calls "man-in-the-middle" and "man-in-the-browser" malware attacks. A man-in-the-middle attack is one in which an attacker manages to basically sit in between the endpoint device and the Web site the user is trying to reach. The attack system acts as a proxy that can read all the information being sent between the device and the site, and can also tamper with that information.In a man-in-the-browser attack, malware sits directly inside the browser and is able to control traffic through the browser, see security credentials and read sensitive information that the user is accessing on the corporate network. "It basically sits in the browser and sees everything and can tamper with everything," says Boodaei

Trusteer already markets a product called Trusteer Rapport, which protects PCs and Macs from Web-based malware. It is used by financial institutions to protect the Websites from which customers manage their accounts.

The Trusteer announcement comes the same week as the release of a Cisco Systems Global Threat Report for the fourth quarter of 2010, which notes that instances of Web-based malware jumped by 139 percent in 2010 from 2009. Also, the rate of Web malware encounters peaked in October 2010, at an average of 250 encounters per enterprise in that month.

Trusteer cites the RSA 2011 Cybercrime Trends Report, which identifies mobile malware as the No. 1 security trend this year. The RSA Conference 2011 begins next week in San Francisco.

See more on this topic by subscribing to Network Computing Pro Reports Browser as Attack Vector (subscription required).