Using the Insights Dashboard
The Insights page provides a preview of a dashboard feature that provides a management view over all enterprise devices, with a sample page view.
Device Pool - The pie graph shows the distribution of devices with the app activated and protected, with pending activation statuses.
Critical Devices - The number of devices with one or more critical threats over the last 90 days is shown.
Risky Devices - The number of devices with one or more risky events over the last 90 days is shown.
OS Risk - Android and iOS devices are vulnerable due to outdated and vulnerable operating system versions, and must be updated to remove this risk.
Current Security Score - The current security score across all devices is based on an assessment of the Mobile Security app activation, risks, and threats. It increases as the activation of the app increases and as device risks and threats decrease.
Note
The security score calculation is based on Device Pool, Critical Devices, Risky Devices, and OS Risk data. It does not include the number of devices that had critical threats and risky events over the last 90 days. This score is calculated using data from the previous day.
Security Score Trend - A security score graph can be displayed over a daily, weekly, or monthly time frame.
Key Features - The enabled or disabled status values for key features of the solution, such as MDM Integration and Advanced App Analysis.
Top Critical Events - The top five critical threats are sorted based on the number of events occurring over the last 90 days.
Top Risky Events - The top five risky events are sorted based on the number of events occurring over the last 90 days.
The critical threats shown in the Insights Dashboard
The threats categorized as critical threats in the Insights dashboard display are:
Android Device - Possible Tampering
App Tampering
Device Jailbreaking/Rooting
MITM - SSL Strip
Rogue Access Point
SELinux Disabled
Site Insight - Link Visited
Suspicious Android App
Suspicious iOS App
System Tampering
Untrusted Profile
Risky events in the Insights Dashboard
The events categorized as risky events in the Insights dashboard display are:
Android Debug Bridge (ADB) Apps Not Verified
Android Device - Compatibility Not Test By Google
BlueBorne Vulnerability
Daemon Anomaly
Developer Options
Device Encryption
Device Pin
Google Play Protect Disabled
MITM - Fake SSL certificate
Rogue Access Point: Nearby
Sideloaded App(s)
Site Insight - Link Tapped
Stagefright Vulnerability
Suspicious Profile
Unknown Sources Enabled
USB Debugging Mode
Mobile security app is not activated on both work and personal profiles - Android for Work
Key features
The key features section shows a summary of the enabled or disabled status values for key features of the solution. These features show status for:
MDM Integration - This is enabled if there is at least one MDM integration set up in Mobile Security Console.
SIEM Integration - This is enabled if there is at least one SIEM integration setup in the Manage > Integrations > Data Export section of Mobile Security Console or with the Syslog pull integration.
Advanced App Analysis - This is enabled if z3A is enabled for the enterprise.
Phishing Detection - This is enabled in the key features of URL sharing or VPN-based phishing is enabled for at least one group within Mobile Security Console.
App Policy - This is enabled if at least one app policy has been created under the Policy page.