Integrating Lookout with Windows Defender ATP
Microsoft and Lookout have partnered to enable organizations to securely embrace mobile device in the security workplace. The integration combines Lookout Mobile Endpoint Security with Microsoft 365 Security (aka Office 365 & EMS & Windows).
Lookout provides visibility into the app, network, and device-based risks, and through our deep integration with Microsoft 365 Security solutions. Now organizations can use that risk data to enforce conditional access on mobile devices.
“Mobile devices have become the new frontier for cyber attack“
The digital transformation that affecting every organization brings with it increasingly sophisticated threats and mobile devices are at the forefront of many cyber-attacks, the integration between Lookout and Microsoft helps ensure that, despite this increased risk, any enterprise can benefit from mobile productivity with the assurance that their corporate assets are better protected.
Deploying Lookout alongside Microsoft M365 security solutions is easy using Windows Defender ATP, Graph API and Microsoft Intune, with seamless activation using Azure Active Directory. Once Lookout activated, Lookout provides real-time visibility into threats to enforce conditional access policies.
Microsoft 365 Security and ecosystem
Microsoft offers a rich set of security tools for the modern workplace. However, the growth and diversity of technology platforms mean customers will leverage solutions extending beyond the Microsoft ecosystem of services. While Microsoft 365 Security offers complete coverage for all Microsoft solutions.
Cyber attacks on businesses and governments continue to escalate and our customers must respond more quickly and aggressively to help ensure the safety of their data. For many organizations, this means deploying multiple security solutions, which are more effective through seamless information sharing and working jointly as a cohesive solution.
With Microsoft Intelligent Security Association, now partners of the association work with Microsoft to help ensure solutions have access to more security signals from more sources and enhanced from shared threat intelligence helping customers detect and respond to threats faster.
How the integration works
When Lookout is deployed in an enterprise environment along with WDATP, a customer’s WDATP Windows device view is extended to include mobile device threats provided by Lookout. Mobile threat information will be integrated into the WDATP operator and analytics dashboards, as well as the “alerts” and “machine” screens, for a single pane of glass experience for security professionals.
Lookout is working closely with Microsoft to ensure the integration of Lookout Mobile Endpoint Security with Windows Defender ATP is simple and easy to implement with only a few clicks. There are no requirements for any additional infrastructure, and once the integration is set, new events from on iOS and Android devices will start surfacing into the Windows Defender ATP console.
The new integration simply requires an organization to have WDATP and Lookout deployed, and will be generally available by early 2018.
For information about Lookout’s participation in the WDATP partner ecosystem, you can read Microsoft’s announcement. To learn more about Lookout’s integration with Microsoft’s Enterprise Mobility and Security (EMS) solution, please visit https://www.lookout.com/about/partners/microsoft.
Lookout and Windows Defender ATP
The Windows Defender ATP Console provides visibility into threats and device configuration data for Windows 10 desktop and Windows-based mobile devices. By enabling Lookout Windows Defender ATP Integration, you can extend this coverage to include the Android and iOS devices in your fleet.
Integrating with Lookout also adds device risk level information to your Windows Defender Security Operations Dashboard and reports.
How to configure integration between Lookout and WDATP
The integration between Lookout and Windows Defender ATP is simple and take only a few minutes, once integration is done you need to wait 45 minutes for settings to apply on each vendor.
First thing first is to make sure that you’ve got the relevant requirements with Lookout and Windows Defender ATP that based on the following requirements:
- Microsoft 365 E5 Licensing, including AAD integration
- Admin access to the Lookout Mobile Endpoint Security Console
- The option of Defender ATP in Lookout console
- Access token generated in your WDATP Web portal
Once you’ve got all the requirements you can continue with the integration.
Go to Windows Defender Security console and from there go to Non-Windows machine management. You can go directly to the nonWindows URL: https://securitycenter.windows.com/download/nonWindows
Next, go to Lookout integration and do the following actions:
- Switch On the Lookout option
- Generate access token (copy for later use with Lookout console)
Next, go to Lookout console and do the following actions:
- Go to System > Defender ATP
- Switch On the Integration Settings (to Enable Windows Defender ATP Integration)
- Copy the access token from Windows Defender ATP console
- Save changes