Microsoft and Lookout today entered into a partnership and announced the general availability of the integration of Lookout Mobile Endpoint Security with Microsoft Enterprise Mobility + Security (EMS).
Brad Anderson, corporate vice president, Enterprise and Client Mobility for Microsoft, writes that the capabilities of Enterprise Mobility + Security (EMS) and Lookout are very complementary.
“Lookout has a rich knowledge of the security and compliance concerns on iOS and Android, and EMS has the rich solution for managing access to and protecting corporate assets,” Anderson says.
“This partnership also integrates our cloud services so that EMS can govern access to corporate resources based on the risk analysis Lookout has identified on every device,” he said.
He added that Microsoft itself uses Lookout in conjunction with EMS on its own iOS and Android devices.
Lookout has built a product that tens of millions of consumers around the world already use and love. “They analyze more than 30M iOS and Android apps, as well as over 90k new apps every day,” writes Microsoft. The most impressive thing about Lookout is that “a total of 100M mobile devices are sending telemetry back to Lookout Security Cloud.”
With the announcement, IT administrators will now be able to enable and manage Lookout’s Mobile Threat Protection directly from the Intune console. In the administrative console “there will be multiple configurations that can be set in terms of visibility of what apps are deployed on devices,” explains Microsoft.
“Similar to EMS/Intune, customers can restrict the solution to only show admins the apps on a device that have been deployed through EMS/Intune, or all apps that have been installed on device,” Microsoft said.
This is important because: “There’re cases where IT should be able to see all apps on a device, and there’re other cases where they absolutely shouldn’t be able to see the entire list,” added Microsoft. “Each organization can adopt the settings that are right for their enterprise, their workforce, and their devices.”
Microsoft explains the integration works as follows:
- Allow access from devices to corporate e-mail only if the risk score is “Secured” or “Low.”
- Block synchronization of corporate files to a device if its risk score is “High.”
- Deny access to any corporate assets if Lookout’s app is not running on the device and/or properly reporting device health. It will then automatically guide users to download and activate Lookout’s app.
- Enforce a policy to deny access for a specific group of business critical apps when devices are not compliant to Lookout. General purpose LoB apps, however, would not be restricted.
- Selectively allow access to a primary collection of apps regardless of risk, while restricting access to a secondary list of apps when risk score is “Secured” or “Low.”
- Receive alerts when “High” risk devices are detected in their environments.
- Automatically trigger Lookout’s self-remediation flow when devices are non-compliant or “High” risk, and then block them from accessing corporate resources.
- Retire or wipe a device when it becomes “High” risk.

“The service integration here is seamless to our enterprise customers, leveraging the assets of EMS to enable unified device and user (both end-user and IT Professional) identity through Azure Active Directory,” the team explains.
Lookout will complement EMS by focusing on three types of threats:
- Network-based threats (man-in-the-middle and SSL attacks)
- App-based threats (trojans, spyware and rootkits)
- OS-based threats (jailbroken iOS devices and rooted Android devices)