Mobile device security firm Mobilisafe launched its new cloud-based Mobile Risk Management (MRM) solution, enabling IT to identify and eliminate the significant risks associated with the Bring-Your-Own-Device (BYOD) trend. Mobilisafe's service is the first and only mobile security solution to deliver real-time vulnerability management that is easy to use, cloud-based, agentless and affordable.
A 30-day free trial is available for those interested in an evaluation of the product. As part of the launch, Mobilisafe invites companies to get a free mobile risk assessment with a downloadable desktop application. The assessment provides an immediate snapshot of all mobile devices connecting to their company's network and an overview of the risks these devices present to the organization. Similar assessments from security vendors can cost tens of thousands of dollars.
"I knew that I had a lot of insecure mobile devices connecting to my network, but until I installed Mobilisafe I really had no idea how vulnerable our company data was," said Austin Biery, director of IT, WinShuttle, and a customer of Mobilisafe. "I was initially reluctant to tackle this issue, since most solutions require me to install agents on every mobile device connecting to the network which introduces serious employee privacy concerns. Mobilisafe enabled me to avoid these employee pitfalls with a non-invasive model."
Mobilisafe, which is backed by blue-chip investors Madrona Venture Group, Trilogy Equity Partners and T-Venture, uses proprietary technology to identify connecting devices and is the only company to manage mobile vulnerability risk in real time – all without an agent on the device. Customers deploy Mobilisafe software components onto their existing servers that aid the cloud-based offering in the discovery of devices, monitoring and assessment of risk and enforcement of access controls. One of the features that makes Mobilisafe unique is that it engages employees in keeping company data secure. The employee is free to use the mobile device of his or her choice. IT uses Mobilisafe through the full lifecycle of addressing vulnerability risk: from discovery and raising employee awareness, to mitigation steps like updating firmware and remediation steps like blocking and wiping devices.
Identifying devices with outdated firmware and getting them patched has historically been difficult to complete – data from Mobilisafe's recent real life study shows that 64 percent of iOS devices and 40 percent of Android devices are running out-of-date firmware. With Mobilisafe's monitoring of firmware update availability, IT can easily use Mobilisafe to send download links and instructions to employees, making the process simple, timely and painless.
"Our research confirms BYOD is already a significant issue for almost all enterprises. Those that think through the implications want simultaneously to give their end-users the freedom to choose the device they prefer while conserving corporate assets. Doing this is certainly achievable, but there are risks to manage," said Charles Brett, vice president and principal analyst at Constellation Research (www.constellationrg.com). "What is more, many of the Mobile Enterprise Management (MEM) solutions we research focus on devices rather than users. But users may have multiple devices, all of which need management of BYOD. Mobilisafe offers such a user-based approach, along with ongoing risk evaluation and policy automation. This is much more like what forward-looking enterprises (and IT) need."
Only by continuously monitoring and assessing each device for new or known vulnerabilities is it possible to identify devices susceptible to security risks. For example, in November 2011 a vulnerability was discovered in the passcode lock feature of iOS for iPad 2, which enabled someone with physical access to a device to bypass having to enter a passcode to unlock the tablet. Data from Mobilisafe's recent real life study shows that 21 percent of the iPad 2s being used by employees to access company email are still vulnerable to this attack, six months after the discovery of the vulnerability. With Mobilisafe's solution, IT can automatically recommend the employee update the firmware of their device to eliminate the vulnerability and block devices that fail to comply.
Mobilisafe's solution, which has a typical set up time of 10 to 15 minutes, requires no hardware, on-device software or network adjustments, making it easy to deploy and use. Customers log into a cloud-based dashboard that emphasizes ease of use and an intuitive feel to assess, analyze and administer mobile risk management activities.
Mobilisafe gives IT:
- Visibility & Risk Management – Mobilisafe enables IT to discover mobilized employees and the risks their devices introduce to company data, and remediate and mitigate those risks with access control and patch management capabilities
- Freedom to BYOD – Mobilisafe enables end-users to use whatever mobile devices they wish and eliminates any fears regarding individual privacy issues
- End-User Accountability – Mobilisafe introduces end-user participation by engaging them to update their firmware on an as-needed basis to eliminate known risks
- A Cost-Effective Solution – Mobilisafe uses a per-user pricing model, as opposed to many mobile security solutions that price per device.