Lookout, Defender ATP and Intune (Introduction)
Microsoft and Lookout have partnered to enable organizations to securely embrace smartphones and tablets in the workplace. The integration combines Lookout Mobile Endpoint Security with Microsoft M365 (aka EMS).
Lookout provides visibility into the app, network, and device-based risks, and through our deep integration with Microsoft M365, organizations can use that risk data to enforce conditional access on mobile devices.
“Mobile devices have become the new frontier for cyber attack“
The digital transformation that’s affecting every organization brings with it increasingly sophisticated threats and mobile devices are at the forefront of many cyber-attacks, the integration between Lookout and Microsoft M365 helps ensure that, despite this increased risk, any enterprise can benefit from mobile productivity with the assurance that their corporate assets are better protected.
Deploying Lookout alongside Microsoft M365 is easy using Microsoft Intune, with seamless activation using Azure Active Directory. Once Lookout activated, Lookout provides real-time visibility into threats to enforce conditional access policies.
The Lookout Security Cloud leverages a data-driven approach to detect complex patterns that indicate known and novel threats, software vulnerabilities, and risky mobile behaviors and configurations. Find out how your organization can best leverage Lookout’s platform by exploring our products below.
- Global Sensor Network allow visibility into over 100M mobile devices worldwide. Every month millions of devices in over 150 countries send security telemetry to the Lookout Security Cloud.
- Cloud-First analysis over on-device analysis techniques, whenever possible. On-device analysis techniques are inherently less secure because attackers can inspect and evade them, and they can also negatively impact device performance and battery life if over-prioritized.
- Mobile Threats provides sophisticated string of attacks seen recently on both Android and iOS devices, perpetrated both by private organizations and nation states.
- Mobile Software Vulnerabilities can exist across all layers of the mobile environment and they raise the risk that critical mobile software and hardware can be exploited by attackers to steal data and attack organizations.
- Mobile Behavior with a wide range of mobile environment configurations and behaviors, such as app data leakage, can nonetheless elevate an organization’s risk profile.
Billions of devices are connecting to corporate environments and downloading mail without being actually being managed by the company via a Mobile Device Management solution like Intune.
Those devices can be rooted, jailbroken and numerous of malicious mobile applications can be installed from the different app stores or directly side loaded to the device. Even if a device is managed through an MDM solution, administrators cannot really control what apps are installed or not. What they can check if a device is rooted, jailbroken or when some security settings are not compliant.
Microsoft and Lookout
Organizations are increasingly adopting mobile management strategies to empower mobile productivity, but in today’s, sophisticated threat landscape it’s more challenging than ever to ensure corporate data and assets stay protected. With Lookout and Microsoft M365, organizations are able to embrace a mobile-first, cloud-first approach to enable, their employees while protecting sensitive data accessed by their mobile devices.
- Microsoft M365 provides an identity-driven security solution that offers a holistic approach to the security challenges in this mobile-first, cloud-first era.
- Risk-based conditional access allow Conditional access policies within Intune allow you to protect corporate email, files and other resources from unauthorized access, based on customizable factors that ensure security and compliance, such as location, device and user state, application sensitivity and risk.
- Ease of use. The integration between Lookout and EMS allows for seamless deployment and management of the Lookout client app via Microsoft Intune and Azure AD.
Lookout for work, is installed and run on mobile devices. This app captures file system, network stack, and device and application telemetry where available, then sends it to the Lookout cloud service to assess the device’s risk for mobile threats. You can change risk level classifications for threats in the Lookout console to suit your requirements.
The compliance policy in Intune includes a rule for Lookout Mobile Threat Defense based on Lookout risk assessment. When this rule is enabled, Intune evaluates device compliance with the policy that you enabled.
if the device is found noncompliant, access to resources like Exchange Online and SharePoint Online can blocked. Users on blocked devices receive a steps to resolve the issue and regain access. Guidance is launched from the Lookout for work app.
Lookout with WDATP is extended to include mobile device threats provided by Lookout. Mobile threat information will be integrated into the WDATP operator and analytics dashboards, as well as the alerts and machine view, for a single pane of glass experience for security professionals.
Lookout is working closely with Microsoft to ensure the integration of Lookout Mobile Endpoint Security with Windows Defender ATP is simple and easy to implement with only a few clicks. There are no requirements for any additional infrastructure, and once the integration is set, new events from on iOS and Android devices will start surfacing into the Windows Defender ATP console.
How to configure and other information in upcoming articles
Lookout to offer Microsoft Windows Defender ATP customers a comprehensive mobile security integration
Lookout and Microsoft Enterprise Mobility + Security
Announcement: Microsoft & Lookout Partner to Provide Expansive Mobile Security