We first looked at Mobilisafe a couple of months ago when the company’s signature mobile management suite was still in private beta. The company, which was started by former T-Mobile Android engineers, seeks to offer broad mobile device and data security without requiring the types on-device agents or profiles used by most mobile device and application management suites.
Mobilisafe executives describe their product as a mobile risk management solution rather than as a device or application management tool. The distinction being that Mobilisafe helps IT departments identify specific threats that can then be mitigated rather than simply locking specific apps and restricting access to on-device features like blocking an iPhone user’s ability to snap photos and upload them to iCloud.
Offering protection without loading software or configuration data onto a user’s personal iPhone, iPad, Android handset, or other device is Mobilisafe’s most novel feature, but isn’t really the most important.
Mobilisafe operates like enterprise network intrusion appliances. With its software deployed on an organization’s servers, Mobilisafe constantly checks the devices connecting to those servers and the resources that they offer. This offers a type of mobile surveillance not seen in standard device management tools. Using the information that mobile devices provide when connecting to a resource like a Microsoft Exchange server, Mobilisafe can deliver a very detailed analysis of the types of devices, their OS versions, and information about updates or security patches that have or haven’t been installed. The cloud based service can then alert IT to devices that have vulnerabilities due to device hardware, configuration, OS version, jailbreaking, or specific apps.
Armed with that information, IT can then take a variety of actions like engaging a device’s owner and explaining security risks to him or her, updating device software, or blocking the device from accessing network resources. That’s a different perspective than device or application management. It’s also more in line with traditional IT security and risk assessment approaches.
With that in mind, it should come as no surprise that Mobilisafe is offering a free mobile risk assessment to companies. While other security companies provide risk assessments that include potential mobile threats alongside a broader analysis, they tend to be pricier and not as targeted as what Mobilisafe is offering for free (along with a 30 day trial).
Mobilisafe is also offering a whitepaper based on its research and work with various customers. Earlier this year, the company released a report based on that research, which included these key findings:
- 71% of devices in the study contained high severity operating system and application vulnerabilities
- A new vulnerability was mapped on average to mobile devices every 1.6 days, which is 4x faster than in 2011
- 38 different OS versions in the study contained high severity vulnerabilities
- There would be a 4x drop in the percentage of devices with severe vulnerabilities if the devices were updated to the latest available firmware
Source: Mobilisafe
