Apr 03, 2013

Top 3 Mobile Policies to Use with Mobilisafe

In today's Whiteboard Wednesday, Dirk Sigurdson talks about the top 3 mobile policies that you should be using with Mobilisafe. With the BYOD trend rising, it is important that you put in place mobile policies that protect your organization from a data breach from mobile devices. Mobilisafe makes it easy for you to set rules and guidelines around mobile devices that connect with your exchange server. From requiring a password protected lock screen to making sure that the devices have the latest firmware update, you can set policies in Mobilisafe easily to ensure that all devices connecting to your network are protected. Watch this quick video to learn more!

Interested in taking Mobilisafe for a test drive? Take our self-guided demo here!

Read Video Transcript

Hello, my name is Dirk Sigurdson. I'm the Engineering Director for Mobilisafe at Rapid7, and in this week's Whiteboard Wednesday we're going to talk about the top three policies that you can set in the Mobilisafe service.

Number one, one of the key things that we have identified is that getting employees to update their devices to the most recent firmware version is a really important way for you to reduce the risk from mobile vulnerabilities. Typically, mobile vulnerabilities are fixed in firmware updates from the operator or from the OEM, and so it's really important to get your employees updated to the most recent version.

You can very easily, with Mobilisafe, create a policy that automatically detects when employees are using out-of-date firmware, and it will send them a notification telling them about that and asking them to update to the most recent version. Now you can remind them over a period of time. You can schedule different reminders to be sent out over weeks or months. At the end of the reminder period, you can either enforce that that device be blocked from accessing your exchange server, or you can just send an alert to yourself, as the administrator, letting you know that the employee has failed to update. So that's top policy number one.

Number two are alerts. So our customers have really liked the alerting functionality that we provide with Mobilisafe, and two of the key alerts that have been used by customers are being alerted when new vulnerabilities are identified for devices. So we're constantly monitoring the national vulnerability database, and whenever we find a new vulnerability that is mapped to devices in your organization, we can very easily send the administrators an alert, letting them know about the vulnerability, and from the e-mail you can drill down into all the details for that vulnerability, to see whether or not you want to take action against that.

Another type of administrative alert that we provide are just getting visibility into devices. If you don't want to go to the Mobilisafe administration console very often, you can get alerted when new devices are identified. So when an employee brings a new device, you can get an e-mail, the administrators can get an e-mail alerting them of that action, rather than you having to constantly go to Mobilisafe web admin to detect that.

So those are one and number two. And lastly, the third important policy to enforce through the Mobilisafe product is being able to enforce passcodes. So one of the core threats with mobile devices, since they're so mobile, is employees taking them to different locations and because of their mobility, they're very easy to lose. So it's really critical for companies to enforce passcodes on these devices, so in case an employee loses their device, someone that picks it up can't just get immediately access to all the e-mails on those devices. So with Mobilisafe you can configure a policy to require passwords to be set on devices. When the device tries to sync to exchange the next time, the policy will be enforced and it will require that the user enter a passcode and that device be locked from then moving forward.

So those are the top three policies that we recommend to you using with Mobilisafe. That's this week's Whiteboard Wednesday. See you next time. Thanks.

On-Demand Webcast

Establishing Your Company's Mobile Security Policy

Watch Now