In today's Whiteboard Wednesday we will talk about the integration between Mobilisafe and Microsoft Office 365. See how easy it is to deploy Mobilisafe throughout your business to give you much better insight into your BYOD security.
Read Video Transcript
Hi, my name is Dirk Sigurdson, and I'm the Engineering Director for Mobilisafe at Rapid 7. Welcome to this week's version of Whiteboard Wednesday, where we're going to be talking about how Mobilisafe works.
Before I get started into that, I wanted to give you a brief overview of the functionality that Mobilisafe provides. We first give you visibility into all the devices that are connecting to your exchange and installation,
and give you information about those devices that are connecting. After we've given you visibility into those devices, we provide an assessment. We have a notion of a trust score for these devices where we rate the
devices from zero to ten, where zero is really, really bad as far as a risk threat to your organization, and ten is good.
Once we've done this assessment, we're then able to give you tools that allow you to mitigate some of the risks that we've analyzed in the assessment process. These are things like being able to send notifications to employees that are running versions of software that have high vulnerability risk, asking them to update to the most recent firmware version, for example. In order to get this functionality, we have two different deployment options. One is for companies that have an on-premise installation of Exchange 2007 or 2010. We're really excited to announce that we now have just recently added support for customers that have Office 365, or leverage Office 365.
Now we'll talk a little about the architecture of the solution, and give you some ideas as to how it works. The on-premise version, you see that you have your devices that are connecting to your Exchange server directly over ActiveSync. And we have a software package that gets installed on your Exchange client access servers that monitors this incoming traffic and identifies the devices. The information that we collect on your Exchange client access server is then uploaded to our Mobilisafe service on the back end, where we provide you all the information and visibility, and provide a web-based administration console for you to manage these devices, as well as to get visibility into the vulnerability risk.
That's the overall architecture. It's a very quick and easy installation process for on-premise deployments. It can be up and running in about five minutes. You do need the Exchange organization management credentials in order to install the package, because we do interface with the Exchange server to send remote commands. For example, if you want to go ahead and block a device from our web-based administration console, and you click a button here, we send a remote command down to the client components running on the Exchange server, which will then tell Exchange to block that device.
That's on-premise for Office 365. We can get rid of this whole box here. Office 365 is very seamless because everything is in the cloud. You go to the Office 365 site and set up your organization tab, "Hosted service for Microsoft." And what we do is we'll replace this box with Microsoft's cloud here, and they're basically hosting Exchange for you. What we do is we have the Mobilisafe cloud talk directly to the Office 365 cloud. The devices are now connecting directly up to Microsoft. We will monitor the devices that are connecting by pooling the Microsoft Office 365 environment. During the registration process of the Mobilisafe software, you'll no longer have to install any software components. It's all completely web-based. You go to our registration page, and as a second step of the process you'll need to enter your Office 365 administration credentials. Those credentials are stored by the Mobilisafe cloud to allow us to remotely send commands to Microsoft Office 365, as well as to collect information about all the devices.
Those are the two installation options that we have. Thanks for joining us for this week's version of Whiteboard Wednesday, and we'll see you next time.